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Commissioner for Patents 

Washington, D.C. 20231 February 27, 2002 

Sir: 

This application is the U.S. national stage under 35 USC § 371 of the above-identified 
international patent application. Please enter the attached substitute sheets for pages 1 , 3-6, 6/1 , 6/2, 
6/3 and 6/4 of the specification. The substitute sheets incorporate into the English language 
translation of the international application amendments presented in the international stage under 
PCT Article 19 and /or PCT Article 34. 



IN THE TITLE : 

Please amend the title of the invention, in its entirety, so as to read as follows: 

DATA DISTRIBUTION SYSTEM AS WELL AS DATA SUPPLY DEVICE, 
TERMINAL DEVICE AND RECORDING DEVICE FOR THE SAME 
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IN THE CLAIMS : 

Please cancel claims 1-33, without prejudice or disclaimer, and add claims 34-78 as follows: 

34. A data distribution system for distributing at least a license key for decrypting encrypted 
content data between said license key and said encrypted content data to each of terminals of a 
plurality of users from a content data supply device, comprising: 

a first interface unit (350) for externally transmitting data; 

a first session key generating unit (314) for producing a first symmetric key to be updated in 
response to every transmission of said license key; 

a session key encryption processing unit (316) for encrypting said first symmetric key with 
a first public encryption key, and applying the encrypted first symmetric key to said first interface 
unit; 

a session key decrypting unit (3 1 8) for decrypting a second symmetric key and a second 
public encryption key returned after being encrypted with said first symmetric key based on said first 
symmetric key to extract said second symmetric key and said second public encryption key; 

a first license data encryption processing unit (320) for encrypting said license key with said 
second public encryption key extracted by said session key decrypting unit; and 

a second license data encryption processing unit (822) for further encrypting the output of 
said first license data encryption processing unit with said second symmetric key extracted by said 
session key decrypting unit, and supplying the encrypted output to said first interface unit, wherein 

each of said terminals includes: 
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a second interface unit for externally transmitting the data, and 

a data storing unit (140) for receiving and storing at least said license key from said content 
data supply device; 

said first public encryption key is predetermined for said data storing unit; and 
said data storing unit includes: 

a first key holding unit (1402) for holding a first private decryption key for decrypting the 
data encrypted with said first public encryption key, 

a first decryption processing unit ( 1 404) for receiving and decrypting said first symmetric key 
encrypted with said first public encryption key, 

a second key holding unit (1405) for holding said second public encryption key, 

a second session key generating unit (1432) for producing said second symmetric key, 

a first encryption processing unit ( 1 406) for encrypting said second public encryption key and 
said second symmetric key based on said first symmetric key, and outputting the encrypted keys to 
said second interface unit, 

a second decryption processing unit (1410) for receiving said license key encrypted with said 
second symmetric key, further encrypted with said second public encryption key and applied from 
said second license data encryption processing unit, and decrypting the received license key based 
on said second symmetric key, 

a third key holding unit (1415) for holding a second private decryption key used for 
decrypting the data encrypted with said second public encryption key and being unique to said data 
storing unit, 
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a third decryption processing unit (1416) for receiving said license key encrypted with said 

second public encryption key, and decrypting the received license key with said second private 

decryption key for extraction, and 

a memory unit (1412) for storing said encrypted content data and said license key. 

35. The data distribution system according to claim 34, wherein 
each of said terminals further includes a content reproducing unit; 
said content reproducing unit includes: 

a fourth key holding unit ( 1 520) for holding a third private decryption key used for decrypting 
the data encrypted with said third public encryption key, 

a fourth decryption processing unit (1522) for decrypting and extracting said second 
symmetric key encrypted with said third public encryption key in said data storing unit, 

a third session key generating unit (1502) for producing a third symmetric key, 

a second encryption processing unit (1504) for encrypting said third symmetric key based on 
said second symmetric key decrypted and extracted by said fourth decryption processing unit, and 
outputting the encrypted third symmetric key, 

a fifth decryption processing unit (1506) for decrypting and extracting said license key 
encrypted based on said third symmetric key in said data storing unit, and 

a data reproducing unit (1508) for receiving said encrypted content data recorded in said 
memory unit from said data storing unit, and decrypting said encrypted content data with said 
extracted license key for reproduction; 
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said data storing unit further includes: 

a third encryption processing unit ( 1 43 0) for encrypting said second symmetric key produced 
by said second session key generating unit based on said third public encryption key; and 

said data storing unit sends instructions to receive by said content reproducing unit said third 
symmetric key encrypted with said second symmetric key, to encrypt by said first encryption 
processing unit said license key stored in said memory unit with said third symmetric key decrypted 
and extracted based on said second symmetric key by said second decryption processing unit (1410), 
and to output the encrypted license key to said content reproducing unit. 

36. The data distribution system according to claim 34, wherein 
said data storing unit further includes: 

a third encryption processing unit (1430) for encrypting said second symmetric key with said 
first public encryption key of a different data storing unit in a transfer processing for transferring at 
least said license key to said different data storing unit, and 

a fourth encryption processing unit (1414) for performing the encrypting processing with the 
second public encryption key of said different data storing unit; 

said second session key generating unit generates said second symmetric key in accordance 
with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth symmetric key applied 
from said different data storing unit after being encrypted with said second symmetric key and the 
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second public encryption key of said different data storing unit in accordance with said transfer 
processing; 

said fourth encryption processing unit encrypts said license key stored in said memory unit 
I j with the second public encryption key of said different data storing unit in accordance with said 

transfer processing; and 

said first encryption processing unit encrypts the output of said fourth encryption processing 
unit with said fourth symmetric key, and outputs the encrypted output to said different data storing 
unit in accordance with said transfer processing. 

37. The data distribution system according to claim 36, wherein 

transfer accepting processing of said data storing unit for receiving said license key 
transferred from said different data storing unit in accordance with transfer processing of said 
different data storing unit is performed such that: 

said first decryption processing unit decrypts and extracts said second symmetric key 
encrypted with said first public encryption key and generated by said different data storing unit in 
said transfer acceptance processing, 

said second session key generating unit generates said fourth symmetric key in accordance 
with said transfer acceptance processing, 

said first encryption processing unit encrypts said second public encryption key and said 
fourth symmetric key with said second symmetric key for output the encrypted keys in accordance 
with said transfer acceptance processing, and 
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said second decryption processing unit decrypts with said fourth symmetric key the license 
key encrypted with said second public encryption key of said different data storing unit, and further 
encrypted with said fourth symmetric key. 

38. The data distribution system according to claim 34, wherein 

said memory unit receives the output of said second decryption processing unit, and stores 
said license key encrypted with said second public encryption key, and 

said third decryption processing unit decrypts said license key encrypted with said second 
public encryption key stored in said memory unit with said second private decryption key. 

39. The data distribution system according to claim 34, wherein 

said third decryption processing unit receives the output of said second decryption processing 
unit, and decrypts said license key encrypted with said second public encryption key with said second 
private decryption key, and 

said memory unit receives the output of said third decryption processing unit, and stores said 
license key. 

40. A data supply device for supplying at least a license key for decrypting encrypted content 
data between said license key and said encrypted content data to each of a plurality of user terminals 
provided with a data storing unit capable of storing at least said license key, comprising: 

an interface unit (350) for externally transmitting data; 
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a session key generating unit (314) for producing a first symmetric key to be updated in 
response to every transmission of said license key; 

a session key encryption processing unit (316) for encrypting said first symmetric key with 
a first public encryption key predetermined corresponding to said data storing unit of said user 
terminal, and applying the encrypted first symmetric key to said interface unit; 

a session key decrypting unit (3 1 8) for decrypting and extracting a second symmetric key and 
a second public encryption key returned after being encrypted with said first symmetric key; 

a first license data encryption processing unit (320) for encrypting said license key for 
decrypting said encrypted content data with said second public encryption key decrypted by said 
session key decrypting unit; and 

a second license encryption processing unit (322) for further encrypting the output of said 
first license data encryption processing unit with said second symmetric key, and applying the 
encrypted output to said interface unit for supply to each of said terminals. 

41 . The data supply device according to claim 40, wherein 

said first public encryption key is applied from said terminal via said interface unit, and 
said session key encryption processing unit encrypts said first symmetric key with said 
applied first public encryption key. 

42. The data supply device according to claim 40, wherein 
said data supply device further includes: 
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an authentication key holding unit for holding an authentication key, 

an authentication decryption processing unit (326) for decrypting and extracting 
authentication data being decodable with said authentication key, obtained from said terminal via 
said interface unit and predetermined for said data storing unit of said terminal, and 

a control unit (312) for performing authentication processing based on said authentication 
data extracted by said authentication decryption processing unit, and determining whether at least 
the license key is to be supplied to the terminal providing said obtained authentication data or not. 

43. The data supply device according to claim 42, wherein 

said first public encryption key is obtained from each of said terminals via said interface unit 
after being encrypted together with said authentication data into a form decodable with said 
authentication key, and 

said authentication data decryption processing unit decrypts with said authentication key said 
authentication data and said first public encryption key obtained via said interface unit and encrypted 
into a form decodable with said authentication key, extracts said authentication data and said first 
public encryption key, and outputs said extracted authentication data and said extracted first public 
encryption key to said control unit and said session key encryption processing unit, respectively. 

44. The data supply device according to claim 40, wherein 
said data supply device includes: 
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an encryption key holding unit for holding a terminal common encryption key for performing 

encryption allowing decryption in each of said terminals, and 

a third license encryption processing unit for encrypting said license key with said terminal 

common encryption key held in said encryption key holding unit, and outputting the encrypted 

license key to said first license encryption processing unit. 

45. A data supply device for supplying at least a license key for decrypting encrypted 
content data between said license key and said encrypted content data to a plurality of recording 
devices, comprising: 

an interface unit (350) for transmitting data to and from said recording device; 

a connecting unit (2010, 2030) for connecting said interface unit and said recording device 
for supply of the data; 

a first session key generating unit (314) for producing a first symmetric key to be updated in 
response to every supply of said license key; 

a session key encryption processing unit (316) for encrypting said first symmetric key with 
a first public encryption key predetermined corresponding to said recording device, and applying the 
encrypted first symmetric key to said interface unit; 

a session key decrypting unit (3 1 8) for decrypting and extracting a second symmetric key and 
a second public encryption key applied from the recording device connected to said connecting unit 
after being encrypted with said first symmetric key; 
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a first license data encryption processing unit (320) for encrypting said license key for 

decrypting said encrypted content data with said second public encryption key decrypted by said 

session key decrypting unit; and 

a second license encryption processing unit (322) for further encrypting the output of said 

first license data encryption processing unit with said second symmetric key, and applying the 

encrypted output to said interface unit for supply to said recording device connected to the 

connecting unit. 

46. The data supply device according to claim 45, wherein 
each of said recording devices is a memory card, and 

said recording device can be directly connected to said memory card. 

47. The data supply device according to claim 45, wherein 

said first public encryption key is applied from each of said recording devices via said 
interface unit, and 

said session key encryption processing unit encrypts said first symmetric key with said 
applied first public encryption key. 

48. The data supply device according to claim 45, further comprising: 
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an authentication decryption processing unit (326) for decrypting and extracting 

authentication data being decodable with an authentication key, and obtained from said recording 

device via said interface unit, and 

a control unit (312) for performing authentication processing based on said authentication 

data extracted by said authentication decryption processing unit, and determining whether at least 

the license key is to be output to said recording device or not. 

49. (Amended) The data supply device according to claim 48, wherein 

said first public encryption key is obtained from said recording devices via said interface unit 
after being encrypted together with said authentication data into a form decodable with said 
authentication key, and 

said authentication data decryption processing unit decrypts with said authentication key said 
authentication data and said first public encryption key obtained via said interface unit and encrypted 
into a form decodable with said authentication key, extracts said authentication data and said first 
public encryption key, and outputs said extracted authentication data and said extracted first public 
encryption key to said control unit and said session key encryption processing unit, respectively. 

50. The data supply device according to claim 43, wherein 
said data supply device includes: 

an encryption key holding unit (330) attached to said recording device for obtaining said 
license key and said encrypted content data stored in said recording device, and holding a terminal 
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common encryption key for performing encryption allowing decryption by a plurality of terminals 
decrypting said encrypted content data to obtain the content data, and 

a third license encryption processing unit (332) for encrypting said license key based on said 
terminal common encryption key held in said encryption key holding unit, and outputting the 
encrypted license key to said first license encryption processing unit. 

5 1 . The data supply device according to claim 45, wherein 

said recording device includes means for changing the number of terminals connected to said 
interface unit for externally receiving the data, and performing switching between a serial mode for 
performing data communication on a bit-by-bit basis and a parallel mode for performing data 
communication by multiple bits at a time; 

said data supply device supplies said encrypted content data together with said license key 
to said recording device via said interface unit; and 

said interface unit instructs the parallel mode to said recording device when at least said 
encrypted content data is to be input to said recording device. 

52. A terminal device for receiving at least a license key for decrypting encrypted content 
data between said license key and said encrypted content data distributed from a data supply device, 
comprising: 

a first interface unit for externally transmitting data; and 

a data storing unit (140) for receiving and storing said license key, wherein 

13 
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said data storing unit includes: 

a first key holding unit (1402) for holding a first private decryption key for decrypting the 
data encrypted with a first public encryption key, 

a first decryption processing unit (1404) for receiving and decrypting a first symmetric key 
encrypted with said first public encryption key and externally input, 

a second key holding unit (1405) for holding a second public encryption key unique to said 
data storing unit, 

a second session key generating unit (1432) for producing a second symmetric key, 

a first encryption processing unit ( 1 406) for encrypting said second public encryption key and 
said second symmetric key based on said first symmetric key, and outputting the encrypted keys to 
said first interface unit, 

a second decryption processing unit (141 0) for receiving the license key encrypted with said 
second public encryption key and further encrypted with said second symmetric key, and decrypting 
the received license key based on said second symmetric key, 

a third key holding unit (1415) for holding a second private decryption key used for 
decrypting the data encrypted with said second public encryption key and being unique to said data 
storing unit, 

a memory unit ( 1 4 1 2) for receiving the output of said second decryption processing unit, and 
storing said license key encrypted with said second public encryption key, and 
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a third decryption processing unit (1416) for receiving the license key encrypted with said 
second public encryption key stored in said memory unit, and decrypting the received license key 
with said second private decryption key. 

53. The terminal device according to claim 52, wherein 

said data storing unit is a recording device releasably attached to said terminal device. 

54. The terminal device according to claim 52, wherein 

said data storing unit further includes a fourth key holding unit (1401) holding said first 
public encryption key and being capable of externally outputting said first public encryption key. 

55. The terminal device according to claim 52, wherein 

said data storing unit further includes a first data holding unit (1442) for encrypting and 
holding said first public encryption key and first authentication data unique to said data storing unit 
and determined uniquely to said first public encryption key in a form allowing decryption with a 
predetermined authentication key. 

56. The terminal device according to claim 52, wherein 

said terminal device further includes a content reproducing unit; 
said content reproducing unit includes: 
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a fifth key holding unit (1 520) for holding a third private decryption key used for decrypting 
the data encrypted with a third public encryption key unique to said content reproducing unit, 

a fourth decryption processing unit (1522) for decrypting and extracting said second 
symmetric key encrypted with said third public encryption key in said data storing unit, 

a third session key generating unit (1502) for producing a third symmetric key, 

a second encryption processing unit (1 504) for encrypting said third symmetric key based on 
said second symmetric key decrypted and extracted by said fourth decryption processing unit, and 
outputting the encrypted third symmetric key, 

a fifth decryption processing unit (1506) for decrypting and extracting the license key 
encrypted with said third symmetric key in said data storing unit, and 

a data reproducing unit (1508) for decrypting the encrypted content data recorded in said 
recording unit with said extracted license key to reproduce the content data; 

said data storing unit further includes a third encryption processing unit ( 1 430) for encrypting 
said second symmetric key produced by said second session key generating unit based on said third 
public encryption key; 

said second decryption processing unit (1410) further receives said third symmetric key 
encrypted with said second symmetric key in said content reproducing unit, and decrypts said 
encrypted third symmetric key based on said second symmetric key to extract said third symmetric 
key; 
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said third decryption processing unit decrypts said license key encrypted with said second 

public encryption key stored in said memory unit based on said second private decryption key, and 

extracts said license key; and 

said first encryption processing unit further encrypts said license key extracted by said third 

decryption processing unit based on said third symmetric key extracted by said second decryption 

processing unit, and applies the encrypted license key to said content reproducing unit. 

57. The terminal device according to claim 56, wherein 

said content reproducing unit further includes a sixth key holding unit ( 1 524) for holding said 
third public encryption key, and being capable of externally outputting said third public encryption 
key. 

58. The terminal device according to claim 56, wherein 

said content reproducing unit includes a second data holding unit (1 525) for encrypting and 
holding said third public encryption key and second authentication data being unique to said data 
storing unit and determined uniquely with respect to the third public encryption key such that said 
third public encryption key and said second authentication data can be decrypted with a 
predetermined authentication key; 

said data storing unit further includes: 

an authentication key holding unit for holding said authentication key, 
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an authentication data decryption processing unit for decrypting said second authentication 

data applied from said data storing unit based on said authentication key to extract said third public 

encryption key and said first authentication data, and 

a control unit ( 1 420) for performing authentication based on said second authentication data, 

and determining whether at least the license key is to be output to said content reproducing unit or 

not; and 

said authentication data decryption processing unit applies said extracted third public 
encryption key and said extracted second authentication data to said third encryption processing unit 
and said control unit, respectively. 

59. The terminal device according to claim 56, wherein 

said license key is stored in the memory unit after being encrypted into a form allowing 
decryption with a terminal common decryption key common to said plurality of terminals; 
said content reproducing unit further includes: 

a decryption key holding unit for holding said terminal common decryption key, and 
a sixth decryption processing unit for decrypting the output of said fifth decryption processing 
unit based on said terminal common decryption key to extract said license key. 

60. The terminal device according to claim 52, wherein 
said data storing unit further includes: 
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a third encryption processing unit (1 430) for encrypting said second symmetric key with said 
first public encryption key of a different data storing unit in accordance with a transfer processing 
for transferring at least said license key to said different data storing unit, and 

a fourth encryption processing unit ( 1 4 1 4) for performing the encrypting processing with the 
second public encryption key of said different data storing unit; 

said second session key generating unit generates said second symmetric key in accordance 
with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth symmetric key applied 
from said different data storing unit after being encrypted with said second symmetric key and the 
second public encryption key of said different data storing unit in accordance with said transfer 
processing; 

said third decryption processing unit decrypts the data encrypted with said second public 
encryption key stored in said memory unit based on said second private decryption key in accordance 
with said transfer processing to extract said license key; 

said fourth encryption processing unit encrypts said extracted license key based on the second 
public encryption key of said different data storing unit in accordance with said transfer processing; 
and 

said first encryption processing unit encrypts the output of said fourth encryption processing 
unit with said extracted fourth symmetric key, and outputs the encrypted output to said different data 
storing unit in accordance with said transfer processing. 
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6L The terminal device according to claim 54, wherein 
said data storing unit further includes: 

a third encryption processing unit ( 1 43 0) for encrypting said second symmetric key with said 
first public encryption key applied from a different data storing unit in accordance with a transfer 
processing for transferring at least said license key to said different data storing unit, and 

a fourth encryption processing unit ( 1 4 1 4) for performing the encrypting processing with the 
second public encryption key of said different data storing unit; 

said second session key generating unit generates said second symmetric key in accordance 
with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth symmetric key applied 
from said different data storing unit after being encrypted with said second symmetric key and the 
second public encryption key of said different data storing unit in accordance with said transfer 
processing; 

said third decryption processing unit decrypts the data encrypted with said second public 
encryption key stored in said memory unit based on said second private decryption key in accordance 
with said transfer processing to extract said license key; 

said fourth encryption processing unit encrypts said extracted license key based on the second 
public encryption key of said different data storing unit in accordance with said transfer processing; 
and 
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said first encryption processing unit encrypts the output of said fourth encryption processing 
unit with said extracted fourth symmetric key, and outputs the encrypted output to said different data 
storing unit in accordance with said transfer processing. 

62. The terminal device according to claim 53, wherein 
said data storing unit further includes: 

an authentication key holding unit for holding said authentication key, 

an authentication data decryption processing unit for decrypting said first authentication data 
applied from a different data storing unit based on said authentication key to extract said first public 
encryption key and said first authentication data in accordance with transfer processing for 
transferring at least said license key to said different data storing unit, 

a control unit ( 1 420) for performing authentication based on said first authentication data and 
in accordance with said transfer processing, and determining whether at least the license key is to 
be output to said different data storing unit or not, 

a third encryption processing unit (1 430) for encrypting said second symmetric key with said 
first public encryption key output from said different data storing unit in accordance with said 
transfer processing, and 

a fourth encryption processing unit ( 1 4 1 4) for performing the encrypting processing with the 
second public encryption key of said different data storing unit; 

said second session key generating unit generates said second symmetric key in accordance 
with said transfer processing; 
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said second decryption processing unit decrypts and extracts a fourth symmetric key applied 
from said different data storing unit after being encrypted with said second symmetric key and the 
second public encryption key of said different data storing unit in accordance with said transfer 
processing; 

said third decryption processing unit decrypts the data encrypted with said second public 
encryption key stored in said memory unit based on said second private decryption key in accordance 
with said transfer processing to extract said license key; 

said fourth encryption processing unit encrypts said extracted license key based on the second 
public encryption key of said different data storing unit in accordance with said transfer processing; 
and 

said first encryption processing unit encrypts the output of said fourth encryption processing 
unit with said extracted fourth symmetric key, and outputs the encrypted output to said different data 
storing unit in accordance with said transfer processing. 

63. A terminal device for receiving at least a license key for decrypting encrypted content 
data between said license key and said encrypted content data distributed from a data supply device, 
comprising: 

a first interface unit for externally transmitting data; and 

a data storing unit (140) for receiving and storing said license key, wherein 

said data storing unit includes: 
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a first key holding unit (1402) for holding a first private decryption key for decrypting the 

data encrypted with a first public encryption key, 

a first decryption processing unit (1404) for receiving and decrypting a first symmetric key 

encrypted with said first public encryption key and externally input, 

a second key holding unit (1405) for holding a second public encryption key unique to said 

data storing unit, 

a second session key generating unit (1432) for producing a second symmetric key, 

a first encryption processing unit ( 1 406) for encrypting said second public encryption key and 
said second symmetric key based on said first symmetric key, and outputting the encrypted keys to 
said first interface unit, 

a second decryption processing unit (1410) for receiving the license key encrypted with said 
second public encryption key and further encrypted with said second symmetric key, and decrypting 
the received license key based on said second symmetric key, 

a third key holding unit (1415) for holding a second private decryption key used for 
decrypting the data encrypted with said second public encryption key and being unique to said data 
storing unit, 

a third decryption processing unit (1416) for receiving said license key encrypted with said 
second public encryption key, and decrypting the received license key with said second private 
decryption key, and 

a memory unit (1412) for receiving the output of said third decryption processing unit, and 
storing said license key. 
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64. The terminal device according to claim 63, wherein 

said data storing unit is a recording device releasably attached to said terminal device. 

65. The terminal device according to claim 63, wherein 

said data storing unit further includes a fourth key holding unit (1401) holding said first 
public encryption key and being capable of externally outputting said first public encryption key. 

66. The terminal device according to claim 63, wherein 

said data storing unit further includes a first data holding unit (1442) for encrypting and 
holding said first public encryption key and first authentication data unique to said data storing unit 
and determined uniquely to said first public encryption key in a form allowing decryption with a 
predetermined authentication key. 

67. The terminal device according to claim 54, wherein 

said terminal device further includes a content reproducing unit; 
said content reproducing unit includes: 

a fifth key holding unit (1 520) for holding a third private decryption key used for decrypting 
the data encrypted with a third public encryption key predetermined for said content reproducing 
unit, 

a fourth decryption processing unit (1522) for decrypting and extracting said second 
symmetric key encrypted with said third public encryption key in said data storing unit, 
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a third session key generating unit (1502) for producing a third symmetric key, 
a second encryption processing unit (1 504) for encrypting said third symmetric key based on 

said second symmetric key decrypted and extracted by said fourth decryption processing unit, and 

outputting the encrypted third symmetric key, 

a fifth decryption processing unit (1506) for decrypting and extracting the license key 

encrypted with said third symmetric key in said data storing unit, and 

a data reproducing unit (1508) for decrypting the encrypted content data recorded in said 

recording unit with said extracted license key to reproduce the content data; 

said data storing unit further includes a third encryption processing unit ( 1 430) for encrypting 

said second symmetric key produced by said second session key generating unit based on said third 

public encryption key; 

said second decryption processing unit (1410) further receives said third symmetric key 
encrypted with said second symmetric key in said content reproducing unit, and decrypts said 
encrypted third symmetric key based on said second symmetric key to extract said third symmetric 
key; and 

said first encryption processing unit further encrypts said license key stored in said memory 
unit based on said third symmetric key extracted by said second decryption processing unit, and 
applies the encrypted license key to said content reproducing unit. 

68. The terminal device according to claim 67, wherein 
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said content reproducing unit further includes a sixth key holding unit ( 1 524) for holding said 
third public encryption key, and being capable of externally outputting said third public encryption 
key. 

69. The terminal device according to claim 67, wherein 

said content reproducing unit includes a second data holding unit (1 525) for encrypting and 
holding said third public encryption key and second authentication data being unique to said data 
storing unit and determined uniquely with respect to the third public encryption key such that said 
third public encryption key and said second authentication data can be decrypted with a 
predetermined authentication key; 

said data storing unit further includes: 

an authentication key holding unit for holding said authentication key, 

an authentication data decryption processing unit for decrypting said second authentication 

data applied from said data storing unit based on said authentication key to extract said third public 

encryption key and said first authentication data, and 

a control unit (1420) for performing authentication based on said second authentication data, 

and determining whether at least the license key is to be output to said content reproducing unit or 

not; and 

said authentication data decryption processing unit applies said extracted third public 
encryption key and said extracted second authentication data to said third encryption processing unit 
and said control unit, respectively. 
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70. The terminal device according to claim 67, wherein 

said license key is stored in the memory unit after being encrypted into a form allowing 
decryption with a terminal common decryption key common to said plurality of terminals; 
said content reproducing unit further includes: 

a decryption key holding unit for holding said terminal common decryption key, and 
a sixth decryption processing unit for decrypting the output of said fifth decryption processing 
unit based on said terminal common decryption key to extract said license key. 

71 . The terminal device according to claim 63, wherein 
said data storing unit further includes: 

a third encryption processing unit (1430) for encrypting said second symmetric key with said 
first public encryption key of a different data storing unit in accordance with a transfer processing 
for transferring at least said license key to said different data storing unit, and 

a fourth encryption processing unit ( 1 4 1 4) for performing the encrypting processing with the 
second public encryption key of said different data storing unit; 

said second session key generating unit generates said second symmetric key in accordance 
with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth symmetric key applied 
from said different data storing unit after being encrypted with said second symmetric key and the 
second public encryption key of said different data storing unit in accordance with said transfer 
processing; 
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said fourth encryption processing unit encrypts said extracted license key stored in said 

memory unit based on the second public encryption key of said different data storing unit in 

accordance with said transfer processing; and 

said first encryption processing unit encrypts the output of said fourth encryption processing 

unit with said extracted fourth symmetric key, and outputs the encrypted output to said different data 

storing unit in accordance with said transfer processing. 

72. The terminal device according to claim 71, wherein 

said data storing unit further includes a fourth key holding unit (1401) holding said first 
public encryption key and being capable of externally outputting said first public encryption key, and 

said third encryption processing unit performs encryption based on said first public 
encryption key applied from said different data storing unit in accordance with said transfer 
processing. 

73. The terminal device according to claim 65, wherein 
said data storing unit further includes: 

a third encryption processing unit (1 430) for encrypting said second symmetric key with said 
first public encryption key output from a different data storing unit in accordance with a transfer 
processing for transferring at least said license key to said different data storing unit, and 

a fourth encryption processing unit (1414) for performing the encrypting processing with the 
second public encryption key of said different data storing unit; 
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said second session key generating unit generates said second symmetric key in accordance 

with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth symmetric key applied 

from said different data storing unit after being encrypted with said second symmetric key and the 

second public encryption key of said different data storing unit in accordance with said transfer 

processing; 

said third decryption processing unit decrypts the data encrypted with said second public 
encryption key stored in said memory unit based on said second private decryption key in accordance 
with said transfer processing to extract said license key; 

said fourth encryption processing unit encrypts said extracted license key based on the second 
public encryption key of said different data storing unit in accordance with said transfer processing; 
and 

said first encryption processing unit encrypts the output of said fourth encryption processing 
unit with said extracted fourth symmetric key, and outputs the encrypted output to said different data 
storing unit in accordance with said transfer processing. 

74. The terminal device according to claim 66, wherein 
said data storing unit further includes: 

an authentication key holding unit for holding said authentication key, 
an authentication data decryption processing unit for decrypting said first authentication data 
applied from a different data storing unit based on said authentication key to extract said first public 
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encryption key and said first authentication data in accordance with transfer processing for 
transferring at least said license key to said different data storing unit, 

a control unit (1420) for performing authentication based on said first authentication data and 
in accordance with said transfer processing, and determining whether at least the license key is to 
be output to said different data storing unit or not, 

a third encryption processing unit (1430) for encrypting said second symmetric key with said 
first public encryption key output from said different data storing unit in accordance with said 
transfer processing, and 

a fourth encryption processing unit ( 1 4 1 4) for performing the encrypting processing with the 
second public encryption key of said different data storing unit; 

said second session key generating unit generates said second symmetric key in accordance 
with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth symmetric key applied 
from said different data storing unit after being encrypted with said second symmetric key and the 
second public encryption key of said different data storing unit in accordance with said transfer 
processing; 

said third decryption processing unit decrypts the data encrypted with said second public 
encryption key stored in said memory unit based on said second private decryption key in accordance 
with said transfer processing to extract said license key; 
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said fourth encryption processing unit encrypts said extracted license key based on the second 
public encryption key of said different data storing unit in accordance with said transfer processing; 
and 

said first encryption processing unit encrypts the output of said fourth encryption processing 
unit with said extracted fourth symmetric key, and outputs the encrypted output to said different data 
storing unit in accordance with said transfer processing. 

75. A terminal device for receiving at least a license key for decrypting encrypted content 
data between said license key and said encrypted content data distributed from a data supply device, 
comprising: 

a first interface unit for transmitting data to and from said data supply device; 
a content reproducing unit; and 

a second interface unit for connection to a data storing unit releasably attached to said 
terminal device, wherein 

said content reproducing unit includes: 

a fourth key holding unit ( 1 520) for holding a third private decryption key used for decrypting 
the data encrypted with a third public encryption key, 

a fourth decryption processing unit (1522) for decrypting and extracting said second 
symmetric key encrypted with said third public encryption key in said data storing unit, 

a third session key generating unit (1502) for producing a third symmetric key, 
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a second encryption processing unit (1 504) for encrypting said third symmetric key based on 

said second symmetric key decrypted and extracted by said fourth decryption processing unit, and 

outputting the encrypted third symmetric key, 

a fifth decryption processing unit (1506) for decrypting and extracting the license key 

encrypted with said third symmetric key in said data storing unit, and 

a data reproducing unit (1508) for decrypting the encrypted content data recorded in said 

recording unit with the extracted license key to reproduce the content data. 

76. The terminal device according to claim 75, further comprising: 

a data holding unit (1525) for holding second authentication data and said third public 
encryption key in a form allowing decryption with an authentication key for external output. 

77. A recording device for storing an encrypted content data and a license key for decrypting 
said encrypted content data, comprising: 

an interface unit for externally transmitting data; 
a memory unit (1412) for recording the data; and 

a parallel data bus (BS3) having a width of m bits (m is a natural number larger than 1 (m 
> 1)), and transmitting the data between said interface unit and said recording unit, wherein 
said interface unit includes: 
a plurality of terminals (1462.0 - 1462.3), 
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selecting means for selecting a predetermined terminal(s) of one or n in number (n is a natural 
satisfying (1 < n = m)) as a terminal(s) for externally receiving data in accordance with a switching 
instruction for a bit width of the externally applied input data, 

first converting means for operating in accordance with said switching instruction to convert 
serial data externally applied via said selected one terminal or parallel data of an n-bit width 
externally applied via said n terminals into parallel data of an m-bit width, and supply the converted 
parallel data to said parallel data bus, and 

second converting means for converting the parallel data of the m-bit width applied from said 
parallel data bus into serial data, and externally outputting the converted serial data via 
predetermined one terminal among said plurality of terminals; 

a first key holding unit (1402) for holding a first private decryption key for decrypting data 
encrypted with a first public encryption key; 

a first decryption processing unit (1404) for receiving a first symmetric key encrypted with 
said first public encryption key, and decrypting the received first symmetric key based on said first 
private decryption key; 

a second key holding unit (1405) for holding a second public encryption key; 

a session key generating unit (1432) for producing a second symmetric key; 

a first encryption processing unit ( 1 406) for encrypting said second public encryption key and 
said second symmetric key based on said first symmetric key, and outputting the encrypted keys to 
said interface unit via said parallel data bus; 



33 



jl oi o 6 «a zi e ,„ o s .1. «a ore 



Masayuki HATANAKA et al. Docket No - 02023 1 

a second encryption processing unit (1410) for receiving a license key encrypted with said 
second public encryption key, and further encrypted with said second symmetric key, and decrypting 
the received license key based on said second symmetric key; 

a third key holding unit (1415) for holding a second private decryption key set uniquely to 
said recording device for decrypting the data encrypted with said second public encryption key; and 

a third decryption processing unit (1416) for receiving the license key encrypted with said 
second public encryption key, and decrypting the received license key based on said second private 
decryption key to extract said license key, wherein 

said recording unit stores said encrypted content data and said license key. 

78. The recording device according to claim 77, further comprising: 
an authentication data holding unit (1442) for holding an authentication data prepared by 
encrypting said first public encryption key and a certificate data corresponding to said first public 
encryption key in a form allowing external decryption with an authentication key for external output. 
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VERSION WITH MARKINGS TO SHOW CHANGES MADE 

IN THE TITLE : 

The title of the specification has been amended as follows: 

DATA DISTRIBUTION SYSTEM AS WELL AS DATA SUPPLY DEVICE. 
TERMINAL DEVICE AND RECORDING DEVICE FOR THE SAME 
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DESCRIPTION 

Data Distribution System as well as Data Supply Device, Terminal Device 

and Recording Device for the Same 

5 

Technical Field 

The present invention relates to a data distribution system for 
distributing information to terminals such as cellular phones, and 
particularly to a data distribution system, which can secure a copyright 
10 relating to copied information. 



Background Art 

By virtue of the progress in information communication networks 
and the like such as the Internet in these few years, each user can now 
15 easily access network information through individual-oriented terminals 
employing a cellular phone or the like. 

In such information communication, information is transmitted 
through digital signals. It is now possible to obtain copied music and video 
information transmitted via the aforementioned information 
20 communication network without degradation in the audio quality and 

picture quality of the copy data, even in the case where an individual user 
performs the copy. 

Thus, there is a possibility of the copyright of the copyright owner 
being significantly infringed unless some appropriate measures to protect 
25 copyrights are taken when any content data subject to copyright protection 
such as music data and image data is to be transmitted on the information 
communication network. 

However, if copyright protection is given top priority so that 
distribution of content data through the disseminating digital information 
30 communication network is suppressed, the copyright owner who can 
essentially collect a predetermined copyright royalty for copies of a 
copyrighted work will also incur some disbenefit. 

Instead of the distribution over the digital information 
communication network described above, distribution may be performed via 
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distribution system, which can protect distributed copyrighted data from 
being duplicated without authorization from a copyright holder. 

For achieving the above objects, the invention provides a data 
distribution system for distributing at least a license key for decrypting 
5 encrypted content data between the license key and the encrypted content 
data to each of terminals of a plurality of users from a content data supply 
device. 

The content data supply device includes a first interface unit, a first 
session key generating unit, a session key encryption processing unit, a 

10 session key decrypting unit, a first license data encryption processing unit 
and a second license data encryption processing unit. 

The first interface unit externally transmits data. The first session 
key generating unit produces a first symmetric key to be updated in 
response to every transmission of the license key. The session key 

15 encryption processing unit encrypts the first symmetric key with a first 

public encryption key, and applies the encrypted first symmetric key to the 
first interface unit. The session key decrypting unit decrypts a second 
symmetric key and a second public encryption key returned after being 
encrypted with the first symmetric key based on the first symmetric key to 

20 extract the second symmetric key and the second public encryption key. 
The first license data encryption processing unit encrypts the license key 
with the second public encryption key extracted by the session key 
decrypting unit. The second license data encryption processing unit 
further encrypts the output of the first license data encryption processing 

25 unit with the second symmetric key extracted by the session key decrypting 
unit, and supplies the encrypted output to the first interface unit. 

Each terminal includes a second interface unit and a data storing 

unit. 

The second interface unit externally transmits the data. 
30 The data storing unit receives and stores at least the license key 

from the content data supply device. The first public encryption key is 
predetermined for the data storing unit. The data storing unit includes a 
first key holding unit, a first decryption processing unit, a second key 
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holding unit, a second session key generating unit, a first encryption 
processing unit, a second decryption processing unit, a third key holding 
unit, a third decryption processing unit and a memory unit. 

The first key holding unit holds a first private decryption key for 
5 decrypting the data encrypted with the first public encryption key. The 
first decryption processing unit receives and decrypts the first symmetric 
key encrypted with the first public encryption key. The second key 
holding unit holds the second public encryption key. The second session 
key generating unit produces the second symmetric key. The first 

10 encryption processing unit encrypts the second public encryption key and 
the second symmetric key based on the first symmetric key, and outputs 
the encrypted keys to the second interface unit. The second decryption 
processing unit receives the license key encrypted with the second 
symmetric key, further encrypted with the second public encryption key 

15 and applied from the second license data encryption processing unit, and 
decrypts the received license key based on the second symmetric key. The 
third key holding unit holds a second private decryption key used for 
decrypting the data encrypted with the second public encryption key and 
being unique to the data storing unit. The third decryption processing 

20 unit receives the license key encrypted with the second public encryption 
key, and decrypts the received license key with the second private 
decryption key for extraction. The memory unit stores the encrypted 
content data and the license key. 

According to another aspect, the invention provides a data supply 

25 device for supplying at least a license key for decrypting encrypted content 
data between the license key and the encrypted content data to each of a 
plurality of user terminals provided with a data storing unit capable of 
storing at least the license key, and includes an interface unit, a session 
key generating unit, a session key encryption processing unit, a session key 

30 decrypting unit, a first license data encryption processing unit and a second 
license encryption processing unit. 

The interface unit externally transmits data. The session key 
generating unit produces a first symmetric key to be updated in response to 
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every transmission of the license key. The session key encryption 
processing unit encrypts the first symmetric key with a first public 
encryption key predetermined corresponding to the data storing unit of the 
user terminal, and applies the encrypted first symmetric key to the 
5 interface unit. The session key decrypting unit decrypts and extracts a 
second symmetric key and a second public encryption key returned after 
being encrypted with the first symmetric key. The first license data 
encryption processing unit encrypts the license key for decrypting the 
encrypted content data with the second public encryption key decrypted by 

10 the session key decrypting unit. The second license encryption processing 
unit further encrypts the output of the first license data encryption 
processing unit with the second symmetric key, and applies the encrypted 
output to the interface unit for supply to each of the terminals. 

According to still another aspect, the invention provides a data 

15 supply device for supplying at least a license key for decrypting encrypted 
content data between the license key and the encrypted content data to a 
plurality of recording devices, and includes an interface unit, a first session 
key generating unit, a session key encryption processing unit, a session key 
decrypting unit, a first license data encryption processing unit and a second 

20 license encryption processing unit. 

The interface unit transmits data to and from the recording device. 
A connecting unit can connect the interface unit and the recording device 
for supply of the data. The first session key generating unit produces a 
first symmetric key to be updated in response to every supply of the license 

25 key. The session key encryption processing unit encrypts the first 
symmetric key with a first public encryption key predetermined 
corresponding to the recording device, and applies the encrypted first 
symmetric key to the interface unit. The session key decrypting unit 
decrypts and extracts a second symmetric key and a second public 

30 encryption key applied from the recording device connected to the 

connecting unit after being encrypted with the first symmetric key. The 
first license data encryption processing unit encrypts the license key for 
decrypting the encrypted content data with the second public encryption 
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key decrypted by the session key decrypting unit. The second license 
encryption processing unit further encrypts the output of the first license 
data encryption processing unit with the second symmetric key, and applies 
the encrypted output to the interface unit for supply to the recording device 
5 connected to the connecting unit. 

According to yet another aspect, the invention provides a terminal 
device for receiving at least a license key for decrypting encrypted content 
data between the license key and the encrypted content data distributed 
from a data supply device, and includes a first interface unit, and a data 
10 storing unit. 

The first interface unit externally transmits the data. 

The data storing unit receives and stores a license key. The data 
storing unit includes a first key holding unit, a first decryption processing 
unit, a second key holding unit, a second session key generating unit, a 
15 first encryption processing unit, a second decryption processing unit, a 
third key holding unit, a memory unit and a third decryption processing 
unit. 

The first key holding unit holds a first private decryption key for 
decrypting the data encrypted with a first public encryption key. The first 

20 decryption processing unit receives and decrypts a first symmetric key 

encrypted with the first public encryption key and externally input. The 
second key holding unit holds a second public encryption key unique to the 
data storing unit. The second session key generating unit produces a 
second symmetric key. The first encryption processing unit encrypts the 

25 second public encryption key and the second symmetric key based on the 
first symmetric key, and outputs the encrypted keys to the first interface 
unit. The second decryption processing unit receives the license key 
encrypted with the second public encryption key and further encrypted 
with the second symmetric key, and decrypts the received license key based 

30 on the second symmetric key. The third key holding unit holds a second 
private decryption key used for decrypting the data encrypted with the 
second public encryption key and being unique to the data storing unit. 
The storing unit receives the output of the second decryption processing 
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unit, and stores the license key encrypted with the second public encryption 
key. The third decryption processing unit receives the license key 
encrypted with the second public encryption key stored in the memory unit, 
and decrypts the received license key with the second private decryption 
5 key. 

According to further another aspect, the invention provides a 
terminal device for receiving at least a license key for decrypting encrypted 
content data between the license key and the encrypted content data 
distributed from a data supply device, and includes a first interface unit, 

10 and a data storing unit. 

The first interface unit externally transmits the data. 
The data storing unit receives and stores a license key. The data 
storing unit includes a first key holding unit, a first decryption processing 
unit, a second key holding unit, a second session key generating unit, a 

15 first encryption processing unit, a second decryption processing unit, a 
third key holding unit, a third decryption processing unit and a memory 
unit. The first key holding unit holds a first private decryption key for 
decrypting the data encrypted with a first public encryption key. The first 
decryption processing unit receives and decrypts a first symmetric key 

20 externally applied and encrypted with the first public encryption key. The 
second key holding unit holds a second public encryption key unique to the 
data storing unit. The second session key generating unit produces a 
second symmetric key. The first encryption processing unit encrypts the 
second public encryption key and the second symmetric key based on the 

25 first symmetric key, and outputs the encrypted keys to the first interface 
unit. The second decryption processing unit receives the license key 
encrypted with the second public encryption key and further encrypted 
with the second symmetric key, and decrypts the received license key based 
on the second symmetric key. The third key holding unit holds a second 

30 private decryption key used for decrypting the data encrypted with the 
second public encryption key and being unique to the data storing unit. 
The third decryption processing unit receives the license key encrypted 
with the second public encryption key, and decrypts the received license 
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key with the second private decryption key. The memory unit receives the 
output of the third decryption processing unit, and stores the license key. 

According to further another aspect, the invention provides a 
terminal device for receiving at least a license key for decrypting encrypted 
5 content data between the license key and the encrypted content data 

distributed from a data supply device, and includes a first interface unit, a 
content reproducing unit and a second interface unit. 

The first interface unit transmits the data to and from the data 
supply device. The second interface unit connects to the data storing unit 

10 releasably attached to the terminal device. 

The content reproducing unit includes a fourth key holding unit, a 
fourth decryption processing unit, a third session key generating unit, a 
second encryption processing unit, a fifth decryption processing unit and a 
data reproducing unit. The fourth key holding unit holds a third private 

15 decryption key used for decrypting the data encrypted with a third public 
encryption key. The fourth decryption processing unit decrypts and 
extracts the second symmetric key encrypted with the third public 
encryption key in the data storing unit. The third session key generating 
unit generates a third symmetric key. The second encryption processing 

20 unit encrypts and outputs the third symmetric key based on the second 

symmetric key decrypted and extracted by the fourth decryption processing 
unit. The fifth decryption processing unit decrypts and extracts the 
license key encrypted with the third symmetric key in the data storing unit. 
The data reproducing unit decrypts and reproduces the encrypted content 

25 data recorded in the data storing unit with the extracted license key. 

According to further another aspect, the invention provides a 
recording device including an interface unit, a memory unit, a parallel data 
bus, a first key holding unit, a first decryption processing unit, a second key 
holding unit, a session key generating unit, a first encryption processing 

30 unit, a second decryption processing unit, a third key holding unit and a 
third decryption processing unit. 

The interface unit externally transmits data. 

The memory unit stores the data. The parallel data bus has a width 
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of m bits (m is a natural number larger than 1 (m > 1)), and transmits the 
data between the interface unit and the recording unit. 

The interface unit includes a plurality of terminals, selecting means, 
first converting means and second converting means. 
5 The selecting means selects a predetermined terminal(s) of one or n in 

number (n is a natural number satisfying (1 < n < m)) as a terminal(s) for 
externally receiving data in accordance with a switching instruction for a 
bit width of the externally applied input data. The first converting means 
operates in accordance with the switching instruction to convert serial data 

10 externally applied via the selected one terminal or parallel data of an n-bit 
width externally applied via said n terminals into parallel data of an m-bit 
width, and supply the converted parallel data onto the parallel data bus. 
The second converting means converts the parallel data of the m-bit width 
applied from the parallel data bus into serial data, and externally outputs 

15 the converted serial data via predetermined one terminal among the 
plurality of terminals. 

The first key holding unit holds a first private decryption key for 
decrypting data encrypted with a first public encryption key. The first 
decryption processing unit receives a first symmetric key encrypted with 

20 the first public encryption key, and decrypts the received first symmetric 

key based on the first private decryption key. The second key holding unit 
holds a second public encryption key. The session key generating unit 
generates a second symmetric key. The first encryption processing unit 
encrypts the second public encryption key and the second symmetric key 

25 based on the first symmetric key, and outputs the encrypted keys to the 

interface unit via the parallel data bus. The second encryption processing 
unit receives a license key encrypted with the second public encryption key, 
and further encrypted with the second symmetric key, and decrypts the 
received license key based on the second symmetric key. The third key 

30 holding unit holds a second private decryption key set uniquely to the 

recording device for decrypting the data encrypted with the second public 
encryption key. The third decryption processing unit receives the license 
key encrypted with the second public encryption key, and decrypts the 
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received license key based on the second private decryption key to extract 
the license key. The recording unit stores the encrypted content data and 
the license key. 

5 Brief Description of the Drawings 

Fig. 1 conceptually and schematically shows a whole structure of an 
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information distribution system according to the invention; 

Fig. 2 collectively represents characteristics such as key data used 
for communication in the information distribution system shown in Fig. 1; 

Fig. 3 is a schematic block diagram showing a structure of a 
5 distribution server 10 shown in Fig. 1; 

Fig. 4 is a schematic block diagram showing a structure of a cellular 
phone 100 shown in Fig. 1; 

Fig. 5 is a schematic block diagram showing a structure of a memory 
card 1 10 shown in Fig. 4; 
10 Fig. 6 is a first flowchart representing a distribution mode in the 

data distribution system shown in Figs. 1 and 3 - 5; 

Fig. 7 is a second flowchart representing a distribution mode in the 
data distribution system shown in Figs. 1 and 3-5; 

Fig. 8 is a flowchart representing processing of reproducing content 
15 data within cellular phone 100, and externally outputting it as music; 

Fig. 9 is a first flowchart representing processing of transferring or 
duplicating content data, key data and others between two memory cards; 

Fig. 10 is a second flowchart representing processing of transferring 
or duplicating content data, key data and others between two memory 
20 cards; 

Fig. 1 1 is a schematic block diagram showing a structure of a music 
server 31 corresponding to a memory card 120 in a second embodiment; 

Fig. 12 is a schematic block diagram showing a structure of a cellular 
phone 101 in the second embodiment; 
25 Fig. 13 is a schematic block diagram showing a structure of a 

memory card 120 in the second embodiment of the invention; 

Fig. 14 is a first flowchart representing a distribution mode using 
memory card 120 shown in Fig. 13; 

Fig. 15 is a second flowchart representing the distribution mode 
30 using memory card 120 shown in Fig. 13; 

Fig. 16 is a first flowchart representing reproduction processing of 
reproducing content data within cellular phone 101, and externally 
outputting it as music; 



- 7 - 



:ia o & gi :i :il e: ■ o :i <9 o 



Fig. 17 is a second flowchart representing reproduction processing of 
reproducing content data within cellular phone 101, and externally 
outputting it as music; 

Fig. 18 is a first flowchart representing processing of transferring or 
duplicating content data, key data and others between two memory cards; 

Fig. 19 is a second flowchart representing processing of transferring 
or duplicating content data, key data and others between two memory 
cards; 

Fig. 20 conceptually shows a structure of a data distribution system 
of a third embodiment; 

Fig. 21 is a schematic block diagram showing a structure of a content 
data vending machine 2000 in the third embodiment; 

Fig. 22 is a first flowchart representing a distribution mode in the 
data distribution system shown in Figs. 20 and 21; 

Fig. 23 is a second flowchart representing the distribution mode in 
the data distribution system shown in Figs. 20 and 21; 

Fig. 24 conceptually shows a structure of a content data vending 
machine 2001 in a modification of the third embodiment; 

Fig. 25 is a first flowchart representing a distribution mode of a data 
distribution system in the modification of the third embodiment; 

Fig. 26 is a second flowchart representing the distribution mode in 
the data distribution system in the modification of the third embodiment; 

Fig. 27 is a schematic block diagram showing a structure of a content 
data vending machine 3000 in a fourth embodiment; 

Fig. 28 is a first flowchart showing a distribution mode in the data 
distribution system shown in Fig. 27; 

Fig. 29 is a second flowchart showing a distribution mode in the data 
distribution system shown in Fig. 27; 

Fig. 30 is a first flowchart showing a distribution mode of a data 
distribution system in a modification of the fourth embodiment; 

Fig. 31 is a second flowchart showing a distribution mode of the data 
distribution system in the modification of the fourth embodiment; 

Fig. 32 is a schematic block diagram showing a structure of a cellular 
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phone 105 in a fifth embodiment; 

Fig. 33 is a schematic block diagram showing a structure of a 
distribution server 12 corresponding to a memory card 140 in the fifth 
embodiment; 

5 Fig. 34 is a schematic block diagram showing a structure of memory 

card 140 in the fifth embodiment; 

Fig. 35 is a first flowchart representing a distribution mode using 
memory card 140; 

Fig. 36 is a second flowchart representing a distribution mode using 
10 memory card 140; 

Fig. 37 is a first flowchart representing reproducing processing of 
reproducing encrypted content data held in memory card 140 for externally 
outputting it as music; 

Fig. 38 is a second flowchart representing the reproducing processing 
15 of reproducing the encrypted content data held in memory card 140 for 
externally outputting it as music; 

Fig. 39 is a first flowchart representing processing of transferring or 
duplicating content data, key data and others between two memory cards; 
Fig. 40 is a second flowchart representing processing of transferring 
20 or duplicating content data, key data and others between two memory 
cards; 

Fig. 41 is a schematic block diagram showing a structure of a content 
data vending machine 3010 in a sixth embodiment of the invention; 

Fig. 42 is a first flowchart representing a distribution mode of a data 
25 distribution system using content data vending machine 3010; 

Fig. 43 is a second flowchart representing the distribution mode of 
the data distribution system using content data vending machine 3010; 

Fig. 44 is a schematic block diagram showing a structure of a cellular 
phone 107 in a seventh embodiment; 
30 Fig. 45 is a schematic block diagram showing a structure of a 

distribution server 13 corresponding to cellular phone 107 in the seventh 
embodiment; 

Fig. 46 is a first flowchart representing a distribution mode using a 



- 9 - 



,;i OO 61 9 :1L :LiE! „, O 6 :L 9 OS 



distribution server 12 and cellular phone 107; 

Fig. 47 is a second flowchart showing the distribution mode using 
distribution server 12 and cellular phone 107; 

Fig. 48 is a first flowchart representing reproducing processing of 
5 reproducing encrypted content data held in memory card 140 for externally 
outputting it as music; 

Fig. 49 is a second flowchart representing the reproducing processing 
of reproducing the encrypted content data held in memory card 140 for 
externally outputting it as music; 
10 Fig. 50 is a first flowchart representing processing of transferring or 

duplicating content data, key data and others between two memory cards in 
the seventh embodiment; 

Fig. 51 is a second flowchart representing processing of transferring 
or duplicating content data, key data and others between two memory cards 
15 in the seventh embodiment; 

Fig. 52 is a schematic block diagram showing a structure of a content 
data vending machine of an eighth embodiment of the invention; 

Fig. 53 is a first flowchart showing a distribution mode of a data 
distribution system using content data vending machine 3020; 
20 Fig. 54 is a second flowchart showing the distribution mode of the 

data distribution system using content data vending machine 3020; 

Fig. 55 is a schematic block diagram showing a structure including a 
terminal 1202 in memory card 140; and 

Fig. 56 shows a modification of the structure including terminal 1202 
25 in memory card 140. 

Best Mode for Carrying Out the Invention 

Embodiments of the invention will now be described with reference 
to the drawings. 
30 [First Embodiment] 

[Whole Structure of System] 

Fig. 1 conceptually shows a whole structure of an information 
distribution system according to the invention. 



- 10 - 



:L GO 6 gi :IL JL 2 « O £> .1. 9£l S 



The following description will be given by way of example on a 

structure of a data distribution system, in which music data is distributed 

to users over a cellular phone network. As will be apparent from the 

following description, the invention is not restricted to such an example, 
5 and may be applied to other cases, in which copyrighted data (e.g., image 

data) other than the music data is distributed over another information 

communication network. 

Referring to Fig. 1, a distribution server 10 administrating 

copyrighted music information encrypts music data (which will be referred 
10 to also as "content data" hereinafter) in a predetermined encryption scheme, 

and applies the data thus encrypted to a cellular phone company, which is 

a distribution carrier 20 for distributing information. An authentication 

server 12 determines whether an instrument or device accessing it for 

distribution of music data is a regular device or not. 
15 Distribution carrier 20 relays over its own cellular phone network a 

distribution request received from each user to distribution server 10. 

When distribution server 10 receives the distribution request, 

authentication server 12 determines whether the access is made by a 

regular device or not. After it is confirmed that the access is made by the 
20 regular device, distribution server 10 encrypts the requested content data, 

and distributes it to the user's cellular phone over the cellular phone 

network of distribution carrier 20. 

In Fig. 1, a cellular phone 100 of a cellular phone user 1 includes, 

e.g., a memory card 110, which is releasably attached thereto for receiving 
25 encrypted content data received by cellular phone 100, decrypting the data 

encrypted for this transmission, and applying the data to an audio decoding 

unit (not shown) in cellular phone 100. 

Further, user 1 can listen to music, which is produced by reproducing 

such content data, via headphones 130 or the like connected to cellular 
30 phone 100. 

In the following description, distribution server 10, authentication 

server 12 and distribution carrier 20 described above will be collectively 

referred to as a "music server 30". 
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Also, the processing of transmitting the content data from music 
server 30 to each cellular phone terminal or the like will be referred to as 
"distribution", hereinafter. 

Owing to the above structure, a user other than a regular user, who 
5 purchased regular memory card (i.e., memory card 110), cannot receive and 
reproduce the data distributed from music server 30 without difficulty. 

Further, the system may be configured as follows. By counting the 
times of distribution of content data, e.g., for example, one song in 
distribution carrier 20, the royalty, which is charged every time the user 
10 receives (downloads) content data, can be collected by distribution carrier 

20 together with charges for telephone calls so that the copyright owner can 
ensure the royalty. 

The foregoing distribution of the content data is performed over a 
closed system, i.e., the cellular phone network so that it is easy to take 
15 measures for the copyright protection, compared with open systems such as 
the Internet. 

For example, a user 2 having a memory card 112 can receive content 
data directly from music server 30 by user's own cellular phone 102. 
However, such data reception may take a relatively long time if user 2 

20 receives the content data or the like having a large information amount 

directly from music server 30. In connection with this, the system may be 
configured such that user 2 can copy the content data of user 1, who has 
already received it. This improves the convenience of users. 

From the viewpoint of protecting right of the copyright owner, it is 

25 not allowed to provide a system configuration allowing free copying of 
content data. 

In an example shown in Fig. 1, an operation, in which the content 
data itself received by user 1 as well as information required for 
reproducing the content data are copied for use by user 2, is referred to as 
30 "transfer" of the content data. In this case, since user 1 allows the copying 
of the content data together with information (reproduction information) 
required for the reproduction, it is necessary to disable or inhibit the 
reproduction of the content data by user 1 after the transfer of information. 
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The above content data is distributed as encrypted content data, which is 
encrypted in a predetermined encryption scheme. As will be described 
later, the "reproduction information" means the information including a 
key, which allows decryption or decoding of the encrypted content data in 
5 accordance with the foregoing predetermined encryption scheme, and will 
also be referred to as a "license key", as well as license ID data, user ID 
data and others, which are information related to copyright protection. 

In contrast to the above, an operation, in which only content data is 
copied while keeping an encrypted form, is referred to as "duplication" of 

10 music information. 

In this case, reproduction information required for reproducing such 
content data is not copied for use by the terminal of user 2 so that user 2 
having only the encrypted content data cannot reproduce the music. If 
user 2 wishes to reproduce the music, user 2 must receive the reproduction 

15 information distributed from music server 30 for allowing reproduction of 

the content data. In this case, however, it is merely required to receive the 
information for allowing the reproduction. Therefore, it takes a 
remarkably short telephone communication time for allowing music 
reproduction as compared with the case, where user 2 directly receives all 

20 the required data and information from music server 30. 

For example, if cellular phones 100 and 102 are PHSs (Personal 
Handy Phones), a telephone conversation can be performed in a so-called 
transceiver mode. By using this function, information can be collectively 
relocated (transferred) from user 1 to user 2, and/or only the encrypted 

25 content data can be moved (duplicated). 

In the structure shown in Fig. 1, the system requires the following 
schemes and structure for reproducing the content data, which is 
distributed in the encrypted form, on the user side. First, the system 
requires a scheme for sending an encryption key in the communication. 

30 Second, the system requires a scheme for encrypting the data itself to be 
distributed. Third, the system requires a structure for protecting data by 
preventing unauthorized copying of the distributed data. 
[Structure of Encryption/Decryption Key] 
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Fig. 2 collectively represents characteristics of key data and others 
used for communication in the information distribution system shown in 
Fig. 1. 

In the structure shown in Fig. 1, data processing in memory card 100 
5 is administrated by private decryption key Kmedia(n) (n: natural number), 
a public encryption key KPcard(n) and a private decryption key Kcard(n) 
(n: natural number). Private decryption key Kmedia(n) includes 
information for individually specifying the types and others of the memory 
card. Public encryption key KPcard(n) is unique to the memory card. 
10 Private decryption key Kcard(n) is used for decrypting the data encrypted 
with public encryption key KPcard(n). 

In the expressions such as "Kcard(n) M and "KPcard(n)" indicating the 
keys, the natural number "n" is used for identifying each memory card. 
More specifically, the data encrypted with public encryption key 
15 KPcard(n) can be decrypted with private decryption key Kcard(n), which is 
present uniquely to each memory card. Therefore, three kinds of keys 
Kmedia(n), Kcard(n) and KPcard(n) are basically used for transmitting the 
distributed data to and from the memory cards, as will be described later. 
Further, as the encryption key for keeping the secret in external 
20 transmission of data to and from the memory card, the system uses public 
encryption key KPmedia(n) unique to each medium, private decryption key 
Kmedia(n) for decrypting data encrypted with public encryption key 
KPmedia(n), and a symmetric key Ks produced in music server 30 or 
cellular phone 100 or 102 in response to every communication (e.g., every 
25 access to music server 30). 

The system may be configured such that symmetric key Ks described 
above is generated every time the user accesses music server 30, and the 
same key is used for music information without limiting the number of 
tunes or songs in the music information as long as the access has been 
30 performed only one time. Alternatively, different symmetric keys may be 
used for different tunes, respectively, and each may be set to the user for 
one tune. 

In the following description, the unit of communication or access 
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described above will be referred to as a "session", and symmetric key Ks 
will be referred to as a "session key". 

Consequently, session key Ks has a value unique to each 
communication session, and is administrated by the distribution server and 
the cellular phone. 

For the data to be distributed, it is assumed that a key Kc (which 
will be referred to as a "license key" hereinafter) for decrypting the 
encrypted content data is first present, and the encrypted content data is 
decrypted with this license key Kc. Further, an administration code for 
specifying the content data, license ID data License-ID including 
information, which relates to restriction of the times of reproduction, and 
others are present as the license information described above. The cellular 
phone holds a user ID data user-ID for identifying the receiver. 

Owing to the above structure, control related to the copyright 
protection for the copyright owner can be performed in accordance with 
information contained in the license ID data. Also, by using the user ID 
data, control can be performed to protect the personal information of the 
user such as access histories of the user from a third party. 

As already described, content data Dc in the distributed data is, e.g., 
music data, and data prepared by encrypting this content data for 
decryption with session key Ks is referred to as encrypted content data 
[Dc]Kc. 

The expression "[Y]X" represents that data is prepared by converting 
data Y with a key X into a decodable form. The keys used in encryption 
processing and decryption processing may also be referred to as "keys". 
[Structure of Distribution Server 10] 

Fig. 3 is a schematic block diagram showing a structure of 
distribution server 10 shown in Fig. 1. Distribution server 10 includes a 
distribution information database 304 for storing distribution data such as 
data, which is prepared by encrypting content data (music data) in a 
predetermined scheme, and a license ID, an accounting database 302 for 
storing accounting information related to the times of access to content data 
for each user, a data processing unit 310 for receiving data via a bus BSl 
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from distribution information database 304 and accounting database 302, 
and performing predetermined encryption processing, and a communication 
device 350 for transmitting data between distribution carrier 20 and data 
processing unit 310 over the communication network. 
5 Data processing unit 310 includes a distribution control unit 312 for 

controlling an operation of data processing unit 310 in accordance with the 
data on data bus BSl, a session key generating unit 314 which is controlled 
by distribution control unit 312 to generate session key Ks, an encryption 
processing unit 316 which encrypts session key Ks generated by session key 

10 generating unit 314 with public encryption key KPmedia, and apply it to 
data bus BSl, a decryption processing unit 318 for receiving the data, 
which is sent after being encrypted with session key Ks in the cellular 
phone of each user, via communication device 350 and data bus BSl, and 
decrypting the received data, an encryption processing unit 320 for 

15 encrypting the data such as license key and license ID with public 

encryption key KPcard(n), which is extracted by decryption processing unit 
318, under control of distribution control unit 312, and an encryption 
processing unit 322 for encrypting the output of encryption processing unit 
320 with session key Ks, and applying the same to communication device 

20 350 via data bus BSl. 

[Structure of Terminal (Cellular Phone)] 

Fig. 4 is a schematic block diagram showing a structure of cellular 
phone 100 shown in Fig. 1. 

Cellular phone 100 includes an antenna 1 102 for receiving radio 

25 signals sent over the cellular phone network, a transmission unit 1104 for 
converting the signals received from antenna 1102 into baseband signals, 
and sending data sent from the cellular phone to antenna 1102 after 
modulating it, a data bus BS2 for data transmission to various portions in 
cellular phone 100, a controller 1106 for controlling the operation of cellular 

30 phone 100 via bus BS2, a user ID holding unit 1107 for holding user ID 
data User-ID for identifying the receiver, a touch key unit 1108 for 
externally applying an instruction to cellular phone 100, a display 1110 for 
applying information output from controller 1106 or the like to the user as 
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visual information, a voice decoding unit 1112 for reproducing voice and 
sound based on received data applied via data bus BS2 in a normal 
conversation operation, a connector 1120 for externally transmitting data, 
and an external interface unit 1122 for converting data applied from 
5 connector 1 120 into signals, which can be applied to data bus BS2, or 
converting data applied from data bus BS2 into signals, which can be 
applied to connector 1120. 

The user ID data includes data such as a telephone number of the 

user. 

10 Cellular phone 100 further includes releasable memory card 110 for 

decrypting the content data sent from music server 30, a memory interface 
1200 for controlling transmission of data between memory card 110 and 
bus BS2, a session key generating unit 1502 for generating session key Ks, 
e.g., based on a random number for encrypting the data to be transmitted 

15 via data bus BS2 between memory card 110 and another portion of the 
cellular phone via bus BS2, an encryption processing unit 1504, which 
encrypts session key Ks produced by session key generating unit 1502 and 
applies the same to data bus BS2, a decryption processing unit 1506, which 
decrypts the data produced by session key generating unit 1502 and located 

20 on data bus BS2 with session key Ks for outputting the same, an audio 
decoding unit 1508 for receiving the output of decryption processing unit 
1506, and reproducing music signals, a mixing unit 1510, which receives 
the output of audio decoding unit 1508 and the output of voice decoding 
unit 1112, and selectively outputs them in accordance with the operation 

25 mode, a digital-to-analog converter 1512, which receives and converts the 
output of mixing unit 1510 into analog signals for external output, and a 
connection terminal 1514, which receives the output of digital-to-analog 
converter 1512 and is configured to connect headphones 130 thereto. 

For the sake of simplicity, only the blocks related to distribution of 

30 the content data according to the invention are described, and some of 

blocks, which are originally provided in the cellular phone for the telephone 
conversation function, are not described. 
[Structure of Memory Card] 
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Fig. 5 is a schematic block diagram showing a structure of memory 
card 110 shown in Fig. 4. 

In the following description, public encryption key KPmedia of 
memory card 110 attached to terminal 100 will be referred to as public 
5 encryption key KPmedia(l) for discrimination from public encryption key 
KPmedia of memory card 112 of terminal 102, which will be referred to as 
public encryption key KPmedia(2). 

Correspondingly, a private decryption key, which can decrypt the 
data encrypted with public encryption key KPmedia(l), and is 

10 asymmetrical to it, will be referred to as "private decryption key Kmedia(l), 
and a private decryption key, which can decrypt the data encrypted with 
public encryption key KPmedia(2), and is asymmetrical to it, will be 
referred to as private decryption key Kmedia(2). 

By discriminating the public encryption keys unique to the mediums 

15 from each other, appropriate operations can be performed even in such 
cases that multiple kinds of memory cards are used, and more generally, 
medium(s) other than the memory card are present as options of the system, 
as will be described later. 

Memory card 110 includes a data bus BS3 for transmitting signals to 

20 and from memory interface 1200 via terminal 1202, a KPmedia(l) holding 
unit 1401 for holding public encryption key KPmedia(l), and outputting the 
same to data bus BS3, a Kmedia(l) holding unit 1402 for holding private 
decryption key Kmedia(l) corresponding to memory card 110, a decryption 
processing unit 1404 for extracting session key Ks by decrypting private 

25 decryption key Kmedia(l), a KPcard(l) holding unit 1405 for holding public 
encryption key KPcard(l), an encryption processing unit 1406 for 
encrypting the output of a selector switch 1408 based on session key Ks 
extracted from decryption processing unit 1404, and applying the same to 
data bus BS3, a decryption processing unit 1410 for decrypting the data on 

30 data bus BS3 with session key Ks extracted by decryption processing unit 
1404, and applying it onto a data bus BS4, and a memory 1412 for storing 
data such as license key Kc and license ID, which are encrypted with public 
encryption key KPcard(n) unique to the memory card and are applied from 
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data bus BS3, and receiving encrypted content data [Dc]Kc encrypted with 
license key Kc from data bus BS3 for storing the same. 

Selector switch 1408 has contacts Pa, Pb and Pc. Contact Pa 
receives public encryption key KPcard(l) from KPcard(l) holding unit 1405. 
5 Contact Pb receives data from a data bus BS5. Contact Pc receives the 
output of an encryption processing unit 1414. Selector switch 1408 
selectively applies the signals applied to contacts Pa, Pb and PC to 
encryption processing unit 1406 in accordance with the operation mode 
selected from the "distribution mode", "reproduction mode" and "transfer 
10 mode". 

Memory card 110 further includes a Kcard(l) holding unit 1415 for 
holding a value of private decryption key Kcard(l), a decryption processing 
unit 1416 for decrypting license key Kc, license ID and others ([Kc, 
License]Kcard(l)), which are encrypted with public encryption key 

15 KPcard(l) and read from memory 1412, and applying them to data bus BS5, 
encryption processing unit 1414, which operates in the data transferring 
operation and others to receive public encryption key KPcard(l) of the 
memory card of the opposite party from decryption processing unit 1410, 
encrypt license key Kc, license ID and others output to data bus BS5 based 

20 on public encryption key KPcard(n) of the opposite party, and then output 
them to selector switch 1408, a controller 1420, which externally transmits 
data via data bus BS3, receives license ID data and others from data bus 
BS5 and controls the operation of memory card 110, and a register 1500, 
which can transmit data such as license ID data to and from data bus BS5. 

25 A region surrounded by solid line in Fig. 5 is incorporated in a 

module TRM, which is configured such that internal data is erased and/or 
internal circuits are destroyed for disabling reading of data and others in 
circuits located within this region by a third party when memory card 110 
is, e.g., externally opened without authorization. 

30 This module is generally referred to as a "Tamper Resistance 

Module". 

Naturally, memory 1412 may also be incorporated into module TRM. 
However, the structure shown in Fig. 5 can reduce a manufacturing cost 
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because all the data held in memory 1412 is encrypted, and therefore the 
third party cannot reproduce music by using only the data in memory 1412 
so that it is not necessary to arranged memory 1412 within the expensive 
tamper resistance module. 
5 Figs. 6 and 7 are first and second flowcharts representing a 

distribution operation in the data distribution system shown in Figs. 1 and 
3 - 5. 

Figs. 6 and 7 represent the operation in the case where user 1 using 
memory card 110 receives music data from music server 30. 

10 First, user 1 sends a request for distribution via cellular phone 100 

by operating keys or buttons on touch key unit 1108 (step S100). 

In memory card 110, public encryption key KPmedia(l) is sent from 
KPmedia(l) holding unit 1401 to music server 30 in response to the above 
distribution request (step S102). 

15 When music server 30 receives the distribution request and public 

encryption key KPmedia(l) from memory card 110 (step S104), an inquiry 
is applied to authentication server 12 based on received public encryption 
key KPmedia(l) (step S106), and the processing moves to a next step. If 
the regular memory card is not used, the processing is terminated (step 

20 S154). 

When it is determined from the inquiry that the regular memory 
card is used, music server 30 operates to produce session key Ks by session 
key generating unit 314. Further, encryption processing unit 316 in music 
server 30 produces encrypted session key [Ks]Kmedia(l) by encrypting 

25 session key Ks with received public encryption key KPmedia(l) (step S108). 

Then, music server 30 applies encrypted session key [Ks]Kmedia(l) 
to data bus BSl. Communication device 350 sends encrypted session key 
[Ks]Kmedia(l), which is applied from encryption processing unit 316, over 
the communication network to memory card 110 of cellular phone 100 (step 

30 S110). 

When cellular phone 100 receives encrypted session key 
[Ks]Kmedia(l) (step Si 12), decryption processing unit 1404 in memory card 
110 decrypts and extracts session key Ks by decrypting the received data 
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applied to data bus BS3 via memory interface 1200 with private decryption 
key Kmedia(l) (step Si 14). 

In the subsequent distributing operation, contact Pa is closed in 
selector switch 1408 so that encryption processing unit 1406 encrypts 
5 public encryption key KPcard(l) (i.e., public encryption key for memory 
card 110) applied from KPcard(l) holding unit 1405 via contact Pa with 
session key Ks (step Si 16) to produce data [KPcard(l)]Ks (step Si 18). 

Cellular phone 100 sends data [KPcard(l)]Ks encrypted by 
encryption processing unit 1406 to music server 30 (step S120). 
10 In music server 30, communication device 350 receives data 

[KPcard(l)]Ks (step S122), and decryption processing unit 318 decrypts 
data [KPcard(l)]Ks applied to data bus BSl with session key Ks to extract 
public encryption key KPcard(l) (step S124). 

Then, distribution control unit 312 produces license information data 
15 License containing the license ID data and others based on the data held in 
distribution information database 304 and others (step S126). 

Further, music server 30 obtains encrypted content data [Dc]Kc from 
distribution information database 304, and sends it to memory card 110 via 
communication device 350 (step S128). 
20 When cellular phone 100 receives data [Dc]Kc (step S130), memory 

card 110 stores received data [Dc]Kc in memory 1412 as it is (step S132). 

Music server 30 obtains license key Kc from distribution information 
database 304 (step S134), and encryption processing unit 320 encrypts 
license key Kc and license information data License applied from 
25 distribution control unit 312 with public encryption key KPcard(l) applied 
from decryption processing unit 318 (step S136). 

Encryption processing unit 322 receives data [Kc, License] Kcard(l) 
encrypted by encryption processing unit 320, and encrypts it with session 
key Ks for outputting the further encrypted data to data bus BSl. 
30 Communication device 350 sends data [[Kc, License]Kcard(l)]Ks encrypted 
by encryption processing unit 322 to memory card 110. 

When cellular phone 100 receives data [[Kc, License]Kcard(l)]Ks 
(step S142), decryption processing unit 1410 in memory card 110 decrypts 
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it with session key Ks so that data [Kc, License]Kcard(l) is extracted and 
recorded (stored) in memory 1412 (step S146). 

Further, in memory card 110, decryption processing unit 1416 
controlled by controller 1420 decrypts data [Kc, License]Kcard(l) stored in 
5 memory 1412, and decrypted license information data License is stored in 
register 1500 (step S148). 

Through the operations described above, the memory card itself can 
receive the distributed data after sending public encryption key 
KPmedia(l) to the side (music server 30) sending session key Ks, and the 

10 content data stored in memory card 110 becomes reproducible. In the 
following description, the state, in which the content data stored in the 
memory card is reproducible, may be referred to as "a state SA of memory 
card 110". When the content data stored in the memory card is not 
reproducible, this state may be referred to as "a state SB of memory card 

15 110". 

When a notice of reception is sent from memory card 110 to music 
server 30, and is received by music server 30 (step S150), accounting 
database 302 stores accounting data of user 1 (step S152), and the 
processing ends (step S154). 
20 Fig. 8 is a flowchart representing reproduction processing in cellular 

phone 100 for decrypting the encrypted content data held in memory card 
110, and externally outputting it as music. 

Referring to Fig. 8, user 1 enters an instruction through touch key 
unit 1108 or the like of cellular phone 100 so that a reproduction request is 
25 output to memory card 110 (step S200). 

In memory card 110, controller 1420 responds to this reproduction 
request, and determines based on license information data License held in 
register 1500 whether the request is made for the reproducible data (step 
S202). When it is determined that the requested data is reproducible, 
30 KPmedia(l) holding unit 1401 sends public encryption key KPmedia(l) to 
cellular phone 100 (step S204). When it is determined that the requested 
data is not reproducible, the processing ends (step S230). 

When the requested data is reproducible, memory card 110 sends 
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public encryption key KPmedia(l) so that cellular phone 100 receives public 
encryption key KPmedia(l) from memory card 110 (step S206), and 
operates as follows. Ks generating unit 1502 produces session key Ks, and 
encryption processing unit 1504 encrypts session key Ks with public 
encryption key KPmedia(l) to produce and send encrypted session key 
[Ks]KPmedia(l) to memory card 110 via data bus BS2 (step S208). 

Memory card 110 receives session key Ks, which is produced and 
encrypted by cellular phone 100, via data bus BS2, and decrypts it with 
private decryption key Kmedia(l) to extract session key Ks (step S210). 

Then, memory card 110 reads out encrypted data [Ks, 
License]Kcard(l) from memory 1412, and decryption processing unit 1416 
decrypts it (step S212). 

When the data read from memory 1412 is decodable with private 
decryption key Kcard(l) (step S214), license key Kc is extracted (step S216). 
When the data is not decodable, the processing ends (step S232). 

When the data read from memory 1412 is decodable (step S214), data 
related to the times of reproduction, which is a part of license information 
data License in register 1500, is changed (step S218). 

Then, license key Kc is encrypted with extracted session key Ks (step 
S220), and encrypted license key [Kc]Ks is applied to data bus BS2 (step 
S222). 

Decryption processing unit 1506 of cellular phone 100 performs the 
decryption with session key Ks to obtain license key Kc (step S224). 

Then, memory card 110 reads out encrypted content data [Dc]Kc 
from memory 1412, and applies it to data bus BS2 (step S226). 

Audio decoding unit 1508 of cellular phone 100 decrypts encrypted 
content data [Dc]Kc with extracted license key Kc to produce plaintext 
music data (step S228), and reproduces music signals for applying them to 
mixing unit 1510 (step S230). Digital-to-analog converter 1512 receives 
and converts the data applied from mixing unit 1510 to output externally 
the reproduced music. Thereby, the processing ends (step S232). 

Owing to the above structure, the memory card itself can perform the 
reproduction after sending public encryption key KPmedia(l) to the side 
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(cellular phone 100) sending session key Ks. 

Figs. 9 and 10 are first and second flowcharts representing the 
processing for transferring or duplicating music data, key data or the like 
between two memory cards. 
5 It is assumed that cellular phone 102 is a sender, and cellular phone 

100 is a receiver. It is also assumed that memory card 1 12 having a 
structure similar to that of memory card 110 is attached to cellular phone 
102. 

Cellular phone 102 first outputs a transfer request or a duplication 

10 request to its own memory card 112 and cellular phone 100 (step S300). 

In response to this, memory card 112 reads out encrypted content 
data [Dc]Kc from memory 1412, and outputs it to memory card 110 (step 
S302). Cellular phone 100 receives the request from cellular phone 102 
(step S301), and memory card 110 stores encrypted content data [DclKc in 

15 memory 1412 (step S304). 

Then, it is determined in cellular phones 102 and 100 whether the 
request applied in step S300 is a "transfer request" or a "duplication 
request" (steps S306 and S306'). When it is a "transfer request", memory 
card 112 sends a public encryption key KPmedia(2) to cellular phone 102 

20 (step S308), and cellular phone 102 receives public encryption key 

KPmedia(2) (step S312). When it is a "transfer request", memory card 110 
outputs public encryption key KPmedia(l) to cellular phone 100 (step 
S308'), and cellular phone 100 sends public encryption key KPmedia(l) to 
cellular phone 102 (step S3 10). 

25 When cellular phone 102 receives public encryption keys KPmedia(l) 

and KPmedia(2) (steps S3 12 and S3 12'), session key generating circuit 1502 
in cellular phone 102 produces session key Ks (step S303), and encryption 
processing unit 1504 encrypts session key Ks with public encryption keys 
KPmedia(l) and KPmedia(2) (step S3 14). 

30 Cellular phone 102 transmits encrypted session key [Ks]KPmedia(2) 

to memory card 112 via data bus BS2, and memory card 112 operates to 
decrypt and extract session key Ks with private decryption key Kmedia(2) 
(step S328). 
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Further, cellular phone 102 sends encrypted session key 
[Ks]KPmedia(l) to cellular phone 100 (step S3 16). Cellular phone 100 
receives encrypted session key [Ks]KPmedia(l) thus sent (step S3 18), and 
transmits it to memory card 110 so that decryption processing unit 1404 in 
5 memory card 110 decrypts encrypted session key [Ks]KPmedia(l) to accept 
session key Ks (step S320). 

In memory card 110, session key Ks encrypts public encryption key 
KPcard(l) of memory card 110 with session key Ks (step S322), and 
encrypted data [KPcard(l)]Ks is sent from cellular phone 100 to cellular 
10 phone 102 (step S324). Cellular phone 102 receives data [KPcard(l)]Ks 

(step S326), and memory card 112 completes the reception of session key Ks 
(step S328). Subsequently, memory card 112 decrypts encrypted data 
[KPcard(l)]Ks sent from memory card 110 with session key Ks to extract 
public encryption key KPcard(l) of memory card 110 in the decrypted form 
15 (step S330). 

In memory card 112, license key Kc and license information data 
License, which are encrypted with public encryption key KPcard(2) of 
memory card 112, are then read out from memory 1412 (step S332). 

Then, decryption processing unit 1416 of memory card 112 decrypts 
20 license key Kc and license information data License with private decryption 
key Kcard(2) (step S334). 

Controller 1420 in memory card 112 substitutes a value of license 
information data License thus decrypted for a data value in register 1500 
(step S336). 

25 Further, encryption processing unit 1414 in memory card 112 

encrypts license key Kc and license information data License with public 
encryption key KPcard(l), which is extracted by decryption processing unit 
1410, in memory card 110 (step S338). 

The data encrypted by encryption processing unit 1414 in memory 

30 card 112 is further applied to encryption processing unit 1406 via selector 
switch 1408 having closed contact Pc, and encryption processing unit 1406 
encrypts data [Kc, License]Kcard(l) with session key Ks to produce data 
[[Kc, License]Kcard(l)]Ks (step S340). 
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Subsequently, memory card 112 outputs data [[Kc, 
License]Kcard(l)]Ks to cellular phone 102 (step S342), and cellular phone 
102 sends data [[Kc, License]Kcard(l)]Ks to cellular phone 100 (step S344). 

Data [[Kc, License] Kcard(l)]Ks received cellular phone 100 (step 
5 S346) is transmitted to memory card 110, and decryption processing unit 
1410 in memory card 110 decrypts encrypted data [[Kc, 
License]Kcard(l)]Ks to accept data [Kc, License]Kcard(l) (step.S348), 

In memory card 110, decryption processing unit 1410 stores the data, 
which is decrypted with session key Ks, in memory 1412 (step S350). 
10 Further, in memory card 110, decryption processing unit 1416 decrypts 

data [Kc, License]Kcard(l) based on private decryption key Kcard(l), and 
stores decrypted license information data License in register 1500 (step 
S352). 

When memory card 1 10 completes the storing of decrypted license 
15 information data License in register 1500, memory card 110 sends a 

notification of the transfer acceptance to cellular phone 100, and cellular 
phone 100 sends a notification of transfer acceptance to cellular phone 102 
(step S354). 

When cellular phone 102 receives the notification of transfer 
20 acceptance from cellular phone 100, it transfers the notification to memory 
card 112 so that memory card 112 erases license information data License 
stored in register 1500 in response to reception of the notification (step 
S358). 

In response to reception of the notification of transfer acceptance, 
25 cellular phone 102 displays a message on display 1110 for inquiring user 2 
whether the user allows erasing of data stored in memory card 112 and 
corresponding to the transfer data stored in memory card 1412. User 2 
enters a response to this message via touch key unit 1108 (step S360). 

When data in register 1500 is erased (step S358), and the response to 
30 the above message is entered (step S360), controller 1420 in memory card 
112 determines whether the data in memory 1412 is to be erased or not 
(step S362). 

When there is an instruction to erase the related data in memory 
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1412 (step S362), controller 1420 operates to erase encrypted content data 
[Dc]Kc and data [Kc, License]Kcard(2) in memory 1412 (step S364), and the 
processing ends (step S374). 

When the erasing of data in memory 1412 is not instructed (step 
5 S362), the processing ends (step S374). In this case, encrypted content 
data [Dc]Kc and data [Kc, License] Kcard(2) are left in memory 1412, but 
license information data License is not present in register 1500 so that user 
2 cannot reproduce the music data unless user 2 receives the reproduction 
information from music server 30 again. Thus, memory card 112 enters 

10 the "state SB". In memory card 110, license key Kc and the license 

information data are moved in addition to the encrypted content data so 
that memory card 1 10 is in the "state SA". 

When it is determined in step S306' that the "duplication request" is 
applied, a duplication acceptance notification is sent from cellular phone 

15 100 to cellular phone 102 (step S370). When the duplication acceptance 
notification is received by cellular phone 102 (step S372), the processing 
ends (step S374). 

Owing to the above structure, the transfer operation and the 
duplication operation can be performed after the memory card itself sends 

20 public encryption keys KPmedia(l) and KPmedia(2) to the side (cellular 
phone 100) sending session key Ks. 
[Second Embodiment] 

A data distribution system of a second embodiment differs from the 
data distribution system of the first embodiment in that each of the 

25 distribution server, cellular phones and memory cards is configured to 
produce a unique session key. More specifically, it is assumed that the 
distribution server or cellular phone generates session key Ks, a memory 
card 120 generates a session key Ksl, and a memory card 122 having 
substantially the same structure as memory card 120 generates a session 

30 keyKs2. 

In the data distribution system of the second embodiment, each of 
the devices and instruments forming the system produces the session key 
by itself, and performs the operation for receiving data (i.e., the operation 
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as a receiver) by sending first the session key to the opposite party (sender). 
The sender encrypts the session key sent from the receiver, and sends the 
encrypted data. The receiver decrypts the received data with the session 
key produced by it. The structure for performing the above operations is a 
5 distinctive feature of the second embodiment. 

For achieving the above operations, a key KPp is used in the 
reproducing operation as an public encryption key for receiving the session 
key, which is produced by the memory card, on the cellular phone side, and 
a key Kp is used as a private decryption key for decrypting the data 
10 encrypted with public encryption key KPp. 

Fig. 1 1 is a schematic block diagram showing a structure of a 
distribution server 11 corresponding to memory card 120 in the second 
embodiment. Distribution server 11 differs from distribution server 10 
shown in Fig. 3 in that encryption processing unit 322 in data processing 
15 unit 310 further encrypts the output of encryption processing unit 320 not 
based on session key Ks applied from Ks generating unit 314 but based on 
a session key (e.g., session key Ksl), which is sent from the memory card 
attached to the cellular phone after being encrypted with session keys Ksl 
and Ks2, and is decrypted by decryption processing unit 318 for extraction, 
20 and then applies the output thus encrypted to communication device 350 
via data bus BS1. 

Structures of distribution server 1 1 other than the above are similar 
to those of distribution server 10 of the first embodiment shown in Fig. 3. 
The same parts and portions bear the same reference numbers, and 
25 description thereof is not repeated. 

Fig. 12 is a schematic block diagram showing a structure of a cellular 
phone 101 in the second embodiment. 

Cellular phone 101 differs from cellular phone 100 shown in Fig. 4 in 
that memory card 120 is attached thereto, and also differs in that cellular 
30 phone 101 includes a KPp holding unit 1524 for holding public encryption 
key KPp, and outputting public encryption key KPp to data bus BS2 in the 
reproducing operation. 

Further, cellular phone 101 includes a Kp holding unit 1520 for 
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holding private decryption key Kp, and a decryption processing unit 1522 
for decrypting and extracting session key Ksl, which is encrypted with 
public encryption key KPp applied from memory card 120 via data bus BS2, 
based on private decryption key Kp applied from Kp holding unit 1520. 
5 Further, encryption processing unit 1504 encrypts its own session key Ks 
generated by Ks generating unit 1502 with session key Ksl applied from 
decryption processing unit 1522 for outputting the same to data bus BS2. 

Structures of cellular phone 101 other than the above are 
substantially the same as those of cellular phone 100 of the first 

10 embodiment shown in Fig. 1. The same parts and portions bear the same 
reference numbers, and description thereof is not repeated. 

Fig. 13 is a schematic block diagram showing a structure of memory 
card 120 in the second embodiment of the invention, and corresponds to Fig. 
5 showing the first embodiment. 

15 The structure of memory card 120 differs from the structure of 

memory card 110 in that memory card 120 includes a session key Ksl 
generating unit 1432 for generating session key Ksl unique to memory 
card 120. 

In addition to the above difference, memory card 120 includes an 
20 encryption processing unit 1430 for encrypting session key Ksl produced by 
session key generating unit 1432, and applying the same to data bus BS3. 

Corresponding to the above, memory card 120 further includes a KPp 
accepting unit 1407 for receiving and holding public encryption key KPp of 
cellular phone 101 in the reproduction mode, a KPmedia accepting unit 
25 1403 for receiving public encryption key KPmedia(n) of the opposite party 
(receiver or destination) in the transfer mode, and a selector switch 1436, 
which receives the outputs of KPmedia accepting unit 1403 and KPp 
accepting unit 1407, and outputs either of them depending on the operation 
mode. Selector switch 1436 has contacts Pi and Ph, which are coupled to 
30 EPp accepting unit 1407 and KPmedia accepting unit 1403, respectively. 
Encryption processing unit 1430 applies session key Ksl to data bus BS3 
after encrypting it with public encryption key KPmedia(n) or public 
encryption key KPp applied from selector switch 1436. 
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When memory card 120 performs the distributing operation, or 
functions as the receiver or destination in the transfer operation, selector 
switch 1436 is not used. In the reproducing operation, selector switch 
1436 closes contact Pi. When memory card 120 functions as the sender in 
5 the transfer operation, contact Ph is closed. 

Memory card 120 further includes a selector switch 1435, which has 
contacts Pe, Pf and Pg for receiving session key Ks of the music server 
applied from decryption processing unit 1404, the output of Ksl generating 
unit 1432 and session key Ks of cellular phone 101 applied from data bus 

10 BS4, and selectively outputs them in accordance with the operation mode. 
Contact Pe is coupled to the output of decryption processing unit 1404, 
contact Pf is coupled to the output of Ksl generating unit 1432, and contact 
Pg is coupled to data bus BS4. Accordingly, encryption processing unit 
1406 and decryption processing unit 1410 perform the encryption and 

15 decryption based on the key applied from selector switch 1435, respectively. 

Selector switch 1435 closes contact Pe when session key Ksl is to be 
extracted from music server 31 in the distribution operation. When 
encrypted license key license key Kc and encrypted license information 
data applied from music server 31 are to be decrypted with session key Ksl 

20 in the distribution operation, selector switch 1435 closes contact Pf. 

Selector switch 1435 closes contact Pf when decryption is performed in the 
reproducing operation, and closes contact Pg when encryption is performed 
in the reproducing operation. When selector switch 1435 is on the sender 
side in the transfer operation and decryption is to be performed, selector 

25 switch 1435 closes contact Pf. When selector switch 1435 is on the sender 
side in the transfer operation and encryption is to be performed, selector 
switch 1435 closes contact Pg. When selector switch 1435 is on the 
receiver side in the transfer operation and the session key is to be received 
from the sender, selector switch 1435 closes contact Pe. When selector 

30 switch 1435 is on the receiver side in the transfer operation, and license 
key Kc and license information data License are to be received, selector 
switch 1435 closes contact Pf. 

Memory card 120 further includes a selector switch 1409 instead of 
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selector switch 1408. Selector switch 1409 has contacts Pa, Pb, Pc and Pd, 
and receives session key Ksl of its memory card 120 applied from Ksl 
generating unit 1432, the output of KPcard holding unit 1405, license key 
Kc applied from data bus BS5, and license key Kc and license information 
5 data License, which are applied from encryption processing unit 1414 and 
are encrypted with public encryption key KPcard(n) of the opposite party, 
and selectively outputs them in accordance with the operation mode. 

Contact Pa is coupled to the output of Ksl generating unit 1432, and 
contact Pb is coupled to the output of KPcard(l) holding unit 1405. Also, 

10 contacts Pc and Pd are coupled to data bus BS5 and the output of 

encryption processing unit 1414, respectively. Therefore, encryption 
processing unit 1406 encrypts the various kinds of data applied from 
selector switch 1409. 

More specifically, when selector switch 1409 is on the receiver side in 

15 the distribution mode, and public encryption key KPcard(l) and session key 
Ksl of its memory card 120 are to be sent to music server 31, selector 
switch 1409 successively closes contacts Pb and Pa. In the reproduction 
mode, selector switch 1409 closes contact Pc. When selector switch 1409 is 
on the sender side in the transfer mode, it closes contact Pd. When 

20 selector switch 1409 is on the receiver side in the transfer mode, and public 
encryption key KPcard(l) and session key Ksl of its memory card 120 are 
to be sent, selector switch 1409 successively closes contacts Pb and Pa. 

Figs. 14 and 15 are first and second flowcharts representing the 
distribution mode using memory card 120 shown in Fig. 13. 

25 Figs. 14 and 15 represent operations, in which the system is in the 

distribution mode, and user 1 uses memory card 120 for receiving the music 
data distributed from music server 31. 

First, user 1 requests the distribution via cellular phone 101, e.g., by 
operating keys or buttons on touch key unit 1108 (step S100). 

30 In response to this distribution request, KPmedia(l) holding unit 

1401 in memory card 120 sends public encryption key KPmedia(l) to music 
server 31 (step S102). Further, Ksl generating unit 1432 in memory card 
120 produces session key Ksl (step S109). 
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In music server 31, when the distribution request and public 
encryption key KPmedia(l) are received from memory card 120 (step S104), 
inquiry is applied to authentication server 12 based on received public 
encryption key KPmedia(l) (step S106), and next processing moves to the 
5 next step when the access is performed with the regular memory card. If a 
regular memory card is not used, the processing ends (step S154). 

When it is determined by the inquiry that a regular memory card is 
used, session key generating unit 314 produces session key Ks in music 
server 31. Further, encryption processing unit 316 in music server 31 
10 encrypts session key Ks with received public encryption key KPmedia(l) to 
produce encrypted session key [Ks]Kmedia(l) (step S108). 

Then, music server 31 applies encrypted session key [Ks]Kmedia(l) 
to data bus BS1. Communication device 350 sends encrypted session key 
[Ks]Kmedia(l) received from encryption processing unit 316 to memory 
15 card 120 of cellular phone 101 over the communication network (step SI 10). 
When cellular phone 101 receives encrypted session key 
[Ks]Kmedia(l) (step SI 12), decryption processing unit 1404 in memory card 
120 decrypts the data applied to data bus BS3 via memory interface 1200 
with encrypted session key [Ks]Kmedia(l) so that session key Ks is 
20 decrypted and extracted (step Si 14). 

In the distribution mode, selector switch 1409 is in the state for 
successively closing contacts Pa and Pb so that encryption processing unit 
1406 encrypts session key Ksl applied from session key generating unit 
1432 via contact Pa as well as public encryption key KPcard(l) (i.e., public 
25 encryption key for memory card 120) applied from KPcard(l) holding unit 
1405 via contact Pb with session key Ks (step SI 16), and thereby produces 
data [KPcard(l), Ksl]Ks (step SI 18). 

Cellular phone 101 sends data [KPcard(l), Ksl]Ks encrypted by 
encryption processing unit 1406 to music server 31 (step S120). 
30 In music server 31, communication device 350 receives data 

[KPcard(l), Ksl]Ks (step S122), and decryption processing unit 318 
decrypts data [KPcard(l), Ksl]Ks applied to data bus BS1 with session key 
Ks to extract public encryption key KPcard(l) and session key Ksl in the 
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decrypted form (step S124). 

Then, distribution control unit 312 produces license information data 
License including license ID data and others based on the data held in 
distribution information database 304 and others (step S126). 
5 Further, music server 31 obtains encrypted content data [Dc]Kc from 

distribution information database 304, and sends it to memory card 120 via 
communication device 350 (step S128). 

When cellular phone 101 receives encrypted content data [Dc]Kc 
(step S130), memory card 120 stores encrypted content data [Dc]Kc thus 
10 received in memory 1412 as it is (step S132). 

Music server 3 1 obtains license key Kc from distribution information 
database 304 (step S134), and encryption processing unit 320 encrypts 
license key Kc and license information data License applied from 
distribution control unit 312 with public encryption key KPcard(l) applied 
15 from decryption processing unit 318 (step S136). 

Encryption processing unit 322 receives data [Kc, License] Kcard(l) 
encrypted by encryption processing unit 320, and applies it to data bus BS 
after encrypting the data with session key Ksl applied from memory card 
120. Communication device 350 sends data [[Kc, License]Kcard(l)]Ksl 
20 encrypted with encryption processing unit 322 to memory card 120. 

When cellular phone 101 receives data [[Kc, License] Kcard(l)] Ksl 
(step S142), decryption processing unit 1410 in memory card 120 decrypts 
it with session key Ksl applied from Ksl generating unit 1432 via contact 
Pf so that data [Kc, License]Kcard(l) is extracted and stored in memory 
25 1412 (step S146). 

In memory card 120, decryption processing unit 1416 decrypts data 
[Kc, License]Kcard(l) stored in memory 1412 under the control of controller 
1420, and stores decrypted license information data License in register 
1500 (step S148). 

30 Through the above operations, memory card 120 can receive the 

distributed data after memory card 120 itself sends public encryption key 
KPmedia(l) and session key Ksl to the sender side (music server 31) of the 
encrypted content data, and thereby memory card 120 can enter the state, 
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in which the music information can be reproduced. 

Further, memory card 120 sends a notification of distribution 
acceptance to music server 31. When music server 31 receives this 
distribution acceptance notification (step S150), accounting database 302 
5 stores accounting data of user 1 (step S152), and the processing ends (step 
S154). 

Figs. 16 and 17 are first and second flowcharts representing the 
reproduction mode of cellular phone 101, in which the encrypted content 
data held by memory card 120 is decrypted for externally outputting the 
10 content data (i.e., music data) as music. 

Referring to Figs. 16 and 17, user 1 applies a reproduction request 
entered by user 1 via touch key unit 1108 or the like of the cellular phone 
to memory card 120 (step S200). 

In response to this reproduction request, controller 1420 in memory 
15 card 120 determines based on the license information data License held in 
register 1500 whether the request is applied for the reproducible data or 
not (step S202). When it is determined that the requested data is 
reproducible, a notification that the data is reproducible is sent to cellular 
phone 101 (step S240). When it is not reproducible, the processing ends 
20 (step S280). 

When memory card 120 determines that the requested data is 
reproducible, and sends the notification that the data is reproducible, 
cellular phone 101 sends public encryption key KPp to memory card 120 
(step S242), and Ks generating unit 1502 produces session key Ks (step 
25 S244). 

Also, memory card 120 produces session key Ksl (step S240). 
Memory card 120 encrypts session key Ksl with public encryption key KPp 
received from cellular phone 101 via data bus BS2 (step S248), and sends 
encrypted session key [Ksl]Kp thus prepared to cellular phone 101 (step 
30 S250). 

When cellular phone 101 receives encrypted session key [Ksl]Kp 
from memory card 120, decryption processing unit 1522 in cellular phone 
101 decrypts it with private decryption key Kp to extract session key Ksl 



-34- 



O 6 :L 90E 



prepared by memory card 120 (step S252). Then, encryption processing 
unit 1504 in cellular phone 101 encrypts session key Ks prepared by 
cellular phone 101 with session key Ksl to produce encrypted session key 
[Ks]Ksl (step S254), and sends encrypted session key [Ks]Ksl thus 
5 prepared to memory card 120 (step S256). 

Memory card 120 receives encrypted session key [Ks]Ksl produced 
by cellular phone 101 via data bus BS2, and decrypts it with session key 
Ksl for extracting session key Ks produced by cellular phone 101 (step 
S258). 

10 Then, memory card 120 reads out encrypted data [Kc, 

License]Kcard(l) from memory 1412, and decryption processing unit 1416 
decrypts it (step S260). 

When the data read from memory 1412 is decodable with private 
decryption key Kcard(l) (S262), license key Kc is extracted (step S264). If 

15 not decodable, the processing ends (step S280). 

When the data read from memory 1412 is decodable, processing is 
performed to change the data, which is contained in license information 
data License in register 1500, and is related to the reproduction times (step 
S266). 

20 In memory card 120, encryption processing unit 1406 then encrypts 

license key Kc with extracted session key Ks (step S268), and applies 
encrypted license key [Kc]Ks to data bus BS2 (step S270). 

Decryption processing unit 1506 in cellular phone 101 performs the 
decryption with session key Ks to obtain license key Kc. 

25 Then, memory card 120 reads out encrypted content data [Dc]Kc 

from memory 1412, and applies it to data bus BS2 (step S274). 

Audio decoding unit 1508 in cellular phone 101 decrypts encrypted 
content data [Dc]Kc with extracted license key Kc to produce plaintext 
content data (step S276), and reproduces music signals for applying them 

30 to mixing unit 1510 (step S276). Digital-to-analog converter 1512 receives 
and converts the music signals applied from mixing unit 1510 for 
externally outputting the reproduced music, and then the processing ends 
(step S232). 
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Owing to the above structures, the memory card itself and the 
cellular phone itself produce session keys Ksl and Ks, respectively, and the 
reproduction can be performed after the encrypted data is transmitted 
using these keys. 

5 Figs. 18 and 19 are first and second flowcharts representing the 

processing of transferring or duplicating the content data, key data and 
others between two memory cards, respectively. 

It is assumed that a cellular phone 103 having substantially the 
same structure as cellular phone 101 is on the sender side, and cellular 
10 phone 101 is on the receiver side. Memory card 122 having substantially 
the same structure as memory card 120 is likewise attached to cellular 
phone 103. 

Cellular phone 103 first outputs a transfer request or a duplication 
request to memory card 122 attached thereto and cellular phone 101 (step 
15 S300). 

In response to this, memory card 122 reads out encrypted content 
data [Dc]Kc from memory 1412, and outputs it to memory card 120 (step 
S302). Cellular phone 101 receives the request from cellular phone 103 
(step S301), and memory card 120 operates to store encrypted content data 
20 [Dc]Kc in memory 1412 (step S304). 

In cellular phones 103 and 101, it is then determined whether the 
request applied in step S300 is a "transfer request" or a "duplication 
request" (steps S306 and S306'). When it is a "transfer request", memory 
card 120 outputs public encryption key KPmedia(l) to cellular phone 101 
25 (step S308), and cellular phone 101 sends public encryption key 
KPmedia(l) to cellular phone 103 (step S3 10). 

When cellular phone 103 receives public encryption key KPmedia(l) 
(step S3 12), and transfers it to memory card 122 (step S3 13), Ks2 
generating circuit 1432 of memory card 122 produces session key Ks2 (step 
30 S3 14), and encryption processing unit 1430 encrypts session key Ks2 with 
public encryption key KPmedia(l) (step S3 15). 

Cellular phone 103 sends encrypted session key [Ks2]KPmedia(l) to 
cellular phone 101 (step S3 16). Cellular phone 101 receives encrypted 
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session key [Ks2]KPmedia(l) (step S3 18), and transmits it to memory card 
120. In memory card 120, decryption processing unit 1404 decrypts 
encrypted session key [Ks2]KPmedia(l), and session key generating unit 
1432 produces session key Ksl to be used in memory card 120 (step S320). 
5 In memory card 120, public encryption key KPcard(l) and session 

key Ksl of memory card 120 are encrypted with session key Ks2 (step 
S322), and encrypted data [KPcard(l), Ksl]Ks2 is sent from cellular phone 
101 to cellular phone 103 (step S324). Cellular phone 103 receives data 
[KPcard(l), Ksl]Ks2 (step S326), and transfers it to memory card 122. 

10 In memory card 122, decryption processing unit 1410 decrypts 

encrypted data [KPcard(l), Ksl]Ks2 sent from memory card 120 with 
session key Ks2, and extracts public encryption key KPcard(l) and session 
key Ksl of memory card 120 in the decoded form (step S330). 

In memory card 122, encrypted data [Kc, License] Kcard(2), which 

15 corresponds to license key Kc and license information data License, and is 
encrypted with public encryption key KPcard(2) of memory card 22, is then 
read out from memory 1412 (step S332). 

Then, decryption processing unit 1416 of memory card 122 decrypts 
data [Kc, License] Kcard(2) with private decryption key Kcard(2) (step 

20 S334). 

Controller 1420 of memory card 122 substitutes the value of license 
information data License thus decrypted for the data value in register 1500 
(step S336). 

Encryption processing unit 1414 in memory card 122 encrypts 
25 license key Kc and license information data License with public encryption 
key KPcard(l) in memory card 120 extracted by decryption processing unit 
1410 (step S338). 

The data encrypted by encryption processing unit 1414 in memory 
card 122 is applied to encryption processing unit 1406 via selector switch 
30 1409 having closed contact Pd, and encryption processing unit 1406 in 

memory card 122 encrypts data [Kc, License] Kcard(l) with session key Ksl 
to produce data [[Kc, License] Kcard(l)] Ksl (step S340). 

Then, memory card 122 outputs data [[Kc, License]Kcard(l)]Ksl to 
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cellular phone 103 (step S342), and cellular phone 103 sends data [[Kc, 
License]Kcard(l)]Ksl to cellular phone 101 (step S344). 

Data [[Kc, License]Kcard(l)]Ksl is received by cellular phone 101 
(step S346), and is transmitted to memory card 120, in which decryption 
5 processing unit 1410 decrypts encrypted data [[Kc, License]Kcard(l)]Ksl, 
and accepts data [Kc, License]Kcard(l) (step S348). 

In memory card 120, data [Kc, License]Kcard(l) decrypted by 
decryption processing unit 1410 with session key Ksl is stored in memory 
1412 (step S350). In memory card 120, decryption processing unit 1416 
10 decrypts data [Kc, License] Kcard(l) based on private decryption key 

Kcard(l), and register 1500 stores license information data License thus 
decrypted (step S3 52). 

Subsequent processing performed by memory cards 120 and 122 in 
either of the transfer mode and the duplication mode are substantially the 
15 same as the processing by memory cards 110, 112 and others of the first 
embodiment already described with reference to Figs. 9 and 10, and 
therefore description thereof is not repeated. 

Owing to the above structures, the operations in the transfer mode 
can be performed after producing the session key by each of the memory 
20 cards on the sender and receiver sides. 

Accordingly, license key Kc of data transmitted on the data bus and 
others as well as the key for encrypting license information data License 
are unique to every session and every instrument or device. This can 
further improve the security of transmission of license key Kc and license 
25 information data License. 

Owing to the above structures, the transfer of data from memory 
card 122 to memory card 120 can be performed without using a cellular 
phone terminal having session key generating circuit 1502 already 
described, and more specifically, can be performed by the memory cards 
30 and the interface devices connected to the memory cards. This further 
improves the convenience of users. 

In the transfer operation, the data included in license information 
data for restricting the times of reproduction is set in such a manner that 
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the license information data recorded in memory 1412 is changed into the 
license information data bearing the number of reproduction times, which 
was corrected by register 1500 in response to every reproduction. Even 
when the content data is transferred between the memory cards, the above 
5 manner can prevent such a situation that the reproduction times of the 
content data exceed the times restricted and determined at the time of 
distribution. 
[Third Embodiment] 

A data distribution system of a third embodiment has such a 

10 distinctive feature that the user does not receive encrypted content data 
distributed from a distribution carrier, i.e., a cellular phone company, but 
receives encrypted content data from a content data vending machine 
disposed, e.g., on a street. 

Fig. 20 conceptually shows a structure of the data distribution 

15 system of the third embodiment. Since cellular phone 100 and memory 

card 110 have substantially the same structures as cellular phone 100 and 
memory card 110 in the first embodiment already described, description 
thereof is not repeated. 

Referring to Fig. 20, a content data vending machine 2000 includes a 

20 display 2002 for providing guidance and others on distribution to users, a 

keyboard 2004 for entering an instruction by a user, a coin slot 2006 and an 
external connector 2010 for transmitting data to and from cellular phone 
100 via connector 1120. Content data vending machine 2000 is connected 
to an administration server 2200 for administrating a sales record and 

25 others over a cellular phone network or the like. 

Fig. 2 1 is a schematic block diagram showing a structure of content 
data vending machine 2000 of the third embodiment. As already 
described, content data vending machine 2000 includes display 2002, 
keyboard 2004, a coin receiver 2020 for receiving coins or the like dropped 

30 through slot 2006, external connector 2010, an interface unit 2012 
arranged between connector 2010 and the data bus, distribution 
information database 304 for holding data, which is prepared by encrypting 
the content data (music data) in a predetermined scheme, and distribution 
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information such as license information data and others, a communication 
device 360 for transmitting information to and from administration server 
2200, and a data processing unit 2100, which receives data from 
distribution information database 304 and administration server 2200 via 
5 data bus BSl, and encrypts the data in a predetermined scheme. 

Similarly to the first embodiment, data processing unit 2100 is 
internally provided with distribution control unit 312 for controlling the 
operation of data processing unit 2100 in accordance with data on data bus 
BSl, session key generating unit 314 for generating session key Ks under 

10 the control of distribution control unit 312, encryption processing unit 316 
for encrypting session key Ks produced by session key generating unit 314 
with public encryption key KPmedia(n) unique to the card medium, and 
applying the same to data bus BSl, decryption processing unit 318 for 
receiving and decrypting the data, which is applied via data bus BSl from 

15 connector 2010 after being encrypted with session key Ks in the cellular 

phone of the user, encryption processing unit 320 for encrypting the license 
information data with public encryption key KPcard(n) extracted by 
decryption processing unit 318 under control of distribution control unit 
312, and encryption processing unit 322 for further encrypting the output 

20 of encryption processing unit 320 with session key Ks, and applying it to 
connector 2010 via data bus BSl. 

Figs. 22 and 23 are first and second flowcharts representing the 
distribution mode of the distribution system already described with 
reference to Figs. 20 and 21. 

25 Figs. 22 and 23 represent operations, in which user 1 uses memory 

card 110, and receives the music data distributed from content data 
vending machine 2000. 

First, user 1 applies a distribution request via keys, buttons or the 
like on keyboard 2004 of content data vending machine 2000 (step S400). 

30 Content data vending machine 2000 outputs a request for sending public 
encryption key KPmedia(l) to memory card 110 (step S402). 

In memory card 110, KPmedia(l) holding unit 1401 outputs public 
encryption key KPmedia(l) to cellular phone 100 in response to the above 
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request for sending public encryption key KPmedia(l) (step S406). 

When cellular phone 100 sends public encryption key KPmedia(l) to 
content data vending machine 2000 (step S408), and content data vending 
machine 2000 receives public encryption key KPmedia(l) transferred from 
5 memory card 110 (step S410), display 2002 displays a message or the like 
requesting coin dropping, and the charge is collected (step S412). Then, 
session key generating unit 314 in content data vending machine 2000 
produces session key Ks. In content data vending machine 2000, 
encryption processing unit 316 encrypts session key Ks with received public 
10 encryption key KPmedia(l) to produce encrypted session key [Ks]Kmedia(l) 
(step S414). 

Then, content data vending machine 2000 applies encrypted session 
key [Ks]Kmedia(l) to data bus BSl, and outputs it from connector 2010 
(step S416). Cellular phone 100 receives encrypted session key 

15 [Ks]Kmedia(l), and transfers it to memory card 110 (step S418). 

In memory card 110, decryption processing unit 1404 decrypts 
encrypted session key [Ks]Kmedia(l), which is applied via interface 1200 to 
data bus BS3, with private decryption key Kmedia(l) to extract session key 
Ks in the decrypted form (step S420). 

20 In the distribution mode, contact Pa is closed in selector switch 1408. 

Therefore, encryption processing unit 1406 then encrypts public encryption 
key KPcard(l) applied from KPcard(l) holding unit 1405 via contact Pa 
with session key Ks (step S422) to produce data [KPcard(l)]Ks (step S424). 
Cellular phone 100 sends data [KPcard(l)]Ks encrypted by 

25 encryption processing unit 1406 to content data vending machine 2000 
(step S426). 

In content data vending machine 2000, data [KPcard(l)]Ks is 
received via connector 2010 (step S428), and decryption processing unit 318 
decrypts data [KPcard(l)]Ks applied to data bus BSl with session key Ks to 
30 extract public encryption key KPcard(l) in the decrypted form (step S430). 

Then, distribution control unit 312 produces license information data 
License containing license ID data and others based on the data held in 
distribution information database 304 and others (step S432). 



- 41 - 



JL Q'O £» «3 A ± 2 » O £> :t, 90 H 



Content data vending machine 2000 obtains encrypted content data 
[Dc]Kc from distribution information database 304, and sends it to cellular 
phone 100 via connector 2010 (step S434). 

When cellular phone 100 receives encrypted content data [Dc]Kc 
5 (step S436), memory card 110 stores encrypted content data [Dc]Kc thus 
received in memory 1412 as it is (step S438). 

Content data vending machine 2000 obtains license key Kc from 
distribution information database 304 (step S440), and encryption 
processing unit 320 encrypts license key Kc and license information data 
10 License sent from distribution control unit 312 with public encryption key 
KPcard(l) applied from decryption processing unit 318 (step S442). 

Encryption processing unit 322 receives data [Kc, License]Kcard(l) 
encrypted by encryption processing unit 320, and further encrypts it with 
session key Ks to apply data [[Kc, License]Kcard(l)]Ks to data bus BS1 so 
15 that data [[Kc, License]Kcard(l)]Ks thus encrypted by encryption 
processing unit 322 is sent to memory card 110 (step S446). 

When cellular phone 100 receives data [[Kc, License]Kcard(l)]Ks 
(step S448), decryption processing unit 1410 in memory card 110 decrypts 
it with session key Ks to extract and store data [Kc, License]Kcard(l) in 
20 memory 1412 (step S452). 

In memory card 110, decryption processing unit 1416 controlled by 
controller 1420 decrypts data [Kc, License]Kcard(l) stored in memory 1412, 
and stores decrypted license information data License in register 1500 (step 
S458). 

25 By the operations described above, the memory card can receive the 

distributed data after the memory card itself sends public encryption key 
KPmedia(l) to the side sending session key Ks (i.e., content data vending 
machine 2000), and can enter the state, in which the music can be produced 
from the encrypted content data stored in memory card 1 10. 

30 Further, memory card 110 sends a notification of the distribution 

acceptance to content data vending machine 2000 via cellular phone 100 
(step S460). When content data vending machine 2000 receives this 
notification of distribution acceptance (step S462), a sales record is sent to 
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the administration server (step S464), and the processing ends (step S466). 

Owing to the above structure, the user can receive the encrypted and 
distributed music data and others more easily. 
[Modification of the Third Embodiment] 
5 In the data distribution system of the third embodiment, memory 

card 110 is configured to receive the encrypted content data distributed by 
content data vending machine 2000 via cellular phone 100. 

In the structure of content data vending machine 2000 shown in Fig. 
21, however, connector 2010 may be replaced with a memory slot for 
10 interface to memory card 110. Thereby, the data can be directly 

transmitted between memory card 110 and content data vending machine 
2000 without interposing cellular phone 100 therebetween. 

Fig. 24 conceptually shows a structure of content data vending 
machine of such a modification of the third embodiment. Content data 
15 vending machine 2000 of this modification differs from content data 

vending machine 2000 of the third embodiment shown in Fig. 20 in that a 
card slot 2030 for receiving a memory card is employed instead of external 
connector 2010, and the card in card slot 2030 can transmit data to and 
from data bus BSl via interface portion 2012. 
20 Figs. 25 and 26 are first and second flowcharts representing the 

distribution mode in the data distribution system of the modification of the 
third embodiment. 

The processing in the distribution mode shown in Figs. 25 and 26 are 
the same as that in the distribution mode of the third embodiment shown 
25 in Figs. 22 and 23 except for that data transmission is performed between 
memory card 110 and content data vending machine 2001 without 
interposing cellular phone 100. Therefore, the same steps and operations 
bear the same reference characters, and description thereof is not repeated. 
Owing to the above structures and operations, the user can receive 
30 more easily the encrypted music data and others distributed thereto. 

Further, the memory card can operate independently to receive and 
store the distributed content data in the encrypted form. This increases a 
range, from which a circuit or a unit for content data reproduction is 
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selected, and therefore further improves the convenience of users. 
[Fourth Embodiment] 

Fig. 27 is a schematic block diagram showing a structure of a content 
data vending machine 3000 of a fourth embodiment. The structure of 
5 content data vending machine 3000 of the fourth embodiment differs from 
that of content data vending machine 2000 shown in Fig. 21 in that 
memory card 120 of the second embodiment can be used, and cellular phone 
101 is used as the terminal. Corresponding to this, encryption processing 
unit 322 in data processing unit 2100 further encrypts the output of 

10 encryption processing unit 320 not based on session key Ks applied from Ks 
generating unit 314 but based on the session key (e.g., session key Ksl), 
which is sent from the memory card attached to the cellular phone after 
being encrypted with session key Ks, and is decrypted by decryption 
processing unit 318, and applies the output thus encrypted to interface unit 

15 2012 and connector 2010 via data bus BS1. 

Structures of content data vending machine 3000 other than the 
above are substantially the same as those of content data vending machine 
2000 of the third embodiment shown in Fig. 21. The same portions bear 
the same reference numbers, and description thereof is not repeated. 

20 Since cellular phone 101 and memory card 110 have substantially 

the same structure as those in the second embodiment, description thereof 
is not repeated. 

Figs. 28 and 29 are first and second flowcharts representing the 
distribution mode of the data distribution system shown in Fig. 27. 
25 Figs. 28 and 29 represent operations, in which user 1 uses memory 

card 120 for receiving music data distributed from content data vending 
machine 3000. 

First, the user enters the distribution request, e.g., by operating keys 
or buttons on keyboard 2004 of content data vending machine 3000 (step 
30 S500). Content data vending machine 3000 outputs a request for sending 
public encryption key KPmedia(l) to memory card 110 (step S502). 

In memory card 120, KPmedia(l) holding unit 1401 sends public 
encryption key KPmedia(l) to content data vending machine 3000 in 
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response to this request for sending public encryption key KPmedia(l) (step 
S506). Further, in memory card 120, Ksl generating unit 1432 produces 
session key Ksl (step S515). 

Cellular phone 101 sends public encryption key KPmedia(l) to 
5 content data vending machine 3000 (step S508), and content data vending 
machine 3000 receives public encryption key KPmedia(l) transferred from 
memory card 120 (step S510). Thereby, display 2002 displays a message 
or the like requesting coin dropping, and the charge is collected (step S512). 
Then, session key generating unit 314 in content data vending machine 
10 3000 produces session key Ks. In content data vending machine 3000, 

encryption processing unit 316 encrypts session key Ks with received public 
encryption key KPmedia(l) to produce encrypted session key [Ks]Kmedia(l) 
(step S514). 

Then, content data vending machine 3000 applies encrypted session 
15 key [Ks]Kmedia(l) to data bus BSl, and outputs it from connector 2010 
(step S416). Cellular phone 101 receives encrypted session key 
[Ks]Kmedia(l), and transfers it to memory card 120 (step S518). 

In memory card 120, decryption processing unit 1404 decrypts 
encrypted session key [Ks]Kmedia(l), which is applied via interface 1200 to 
20 data bus BS3, with private decryption key Kmedia(l) to extract session key 
Ks in the decrypted form (step S520). 

Encryption processing unit 1406 then encrypts public encryption key 
KPcard(l) applied from KPcard(l) holding unit 1405 and session key Ksl 
applied from Ksl generating unit 1432 with session key Ks (step S522) to 
25 produce data [KPcard(l), Ksl]Ks (step S524). 

Cellular phone 101 sends data [KPcard(l), Ksl]Ks encrypted by 
encryption processing unit 1406 to content data vending machine 3000 
(step S526). 

In content data vending machine 3000, data [KPcard(l), Ksl]Ks is 
30 received via connector 2010 (step S528), and decryption processing unit 318 
decrypts data [KPcard(l), Ksl]Ks applied to data bus BSl with session key 
Ks to extract public encryption key KPcard(l) and session key Ksl in the 
decrypted form (step S530). 
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Then, distribution control unit 312 produces license information data 
License containing license ID data and others based on the data held in 
distribution information database 304 and others (step S532). 

Content data vending machine 3000 obtains encrypted content data 
5 [Dc]Kc from distribution information database 304, and sends it to cellular 
phone 101 via connector 2010 (step S534). 

When cellular phone 101 receives encrypted content data [Dc]Kc 
(step S536), memory card 120 stores encrypted content data [Dc]Kc thus 
received in memory 1412 as it is (step S538). 
10 Content data vending machine 3000 obtains license key Kc from 

distribution information database 304 (step S540), and encryption 
processing unit 320 encrypts license key Kc and license information data 
License sent from distribution control unit 312 with public encryption key 
KPcard(l) applied from decryption processing unit 318 (step S542). 
15 Encryption processing unit 322 receives data [Kc, License]Kcard(l) 

encrypted by encryption processing unit 320, and further encrypts it with 
session key Ksl to apply data [[Kc, License]Kcard(l)]Ksl to data bus BS1 
so that data [[Kc, License]Kcard(l)]Ksl thus encrypted by encryption 
processing unit 322 is sent to cellular phone 101 (step S546). 
20 When cellular phone 101 receives data [[Kc, License]Kcard(l)]Ksl 

(step S548), decryption processing unit 1410 in memory card 120 decrypts 
it with session key Ksl to extract and store data [Kc, License]Kcard(l) in 
memory 1412 (step S552). 

The processing after the above is substantially the same as that in 
25 the third embodiment shown in Figs. 22 and 23, and therefore description 
thereof is not repeated. 

Owing to the above structure, the user can receive the encrypted and 
distributed content data such as music data more easily. 

Further, the encryption key of data transmitted on the data bus and 
30 others is unique to every session and every instrument or device. This can 
further improve the security of data transmission. 
[Modification of the Fourth Embodiment] 

In the data distribution system of the fourth embodiment, memory 
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card 120 is configured to receive the encrypted content data distributed by 
content data vending machine 3000 via cellular phone 101. 

In the structure of content data vending machine 3000 shown in Fig: 
27, however, connector 2010 may be replaced with a memory slot for 
5 interface to memory card 120, as is done in the modification of the third 
embodiment. Thereby, the data can be directly transmitted between 
memory card 120 and content data vending machine 3000 without 
interposing cellular phone 101 therebetween. 

A structure of content data vending machine 3001 of such a 
10 modification of the fourth embodiment is substantially the same as the 
structure of the modification of the third embodiment shown in Fig. 24 
except for the structure of data processing unit 2100. 

More specifically, the structure of content data vending machine 
3001 of the modification of the fourth embodiment differs from the 
15 structure of content data vending machine 3000 of the fourth embodiment 
shown in Fig. 27 in that card slot 2030 for receiving a memory card is 
employed instead of external connector 2010, and the card in card slot 2030 
can transmit data to and from data bus BS1 via interface portion 2012. 
Figs. 30 and 31 are first and second flowcharts representing the 
20 distribution mode in the data distribution system of the modification of the 
fourth embodiment. 

The processing in the distribution mode shown in Figs. 28 and 29 are 
the same as that in the distribution mode of the fourth embodiment shown 
in Figs. 28 and 29 except for that data transmission is performed between 
25 memory card 120 and content data vending machine 3001. Therefore, the 
same steps and operations bear the same reference characters, and 
description thereof is not repeated. 

Owing to the above structures and operations, the user can receive 
more easily the encrypted music data and others distributed thereto. 
30 Further, the memory card can operate independently to receive and 

store the distributed content data in the encrypted form. This increases a 
range, from which a circuit or a unit for content data reproduction is 
selected, and therefore further improves the convenience of users. 
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[Fifth Embodiment] 

A distribution server 12, a cellular phone 105 and a memory card 140 
in a fifth embodiment differs from distribution server 11, cellular phone 
101 and memory card 120 of the second embodiment in the following points. 
5 Cellular phone 105 of the fifth embodiment has structures for 

recording and holding public encryption key KPp and certificate data Crtf, 
which are assigned to this cellular phone 105, in a form encrypted with a 
public decryption key (public authentication key) KPmaster when this 
cellular phone 105 is registered, in advance, in an administration 
10 department of an authentication mechanism or the like in the distribution 
system. 

A memory card 140 of the fifth embodiment likewise has structures 
for recording and holding public encryption key KPmedia and certificate 
data Crtf, which are assigned to this memory card, in a form encrypted 
15 with public decryption key (public authentication key) KPmaster when this 
memory card 140 is registered, in advance, in the administration 
department of the authentication mechanism or the like in the distribution 
system. 

Memory card 140 and distribution server 12 in the fifth embodiment 
20 have structures for recording and holding public decryption key (public 
authentication key) KPmaster. Public decryption key (public 
authentication key) KPmaster is common to the system, and is used by all 
the devices performing data output operations in the system, and more 
specifically is used in the operations of transmitting the session keys for 
25 certificating the fact the device is authorized to perform mutual 

transmission of data and for obtaining the encryption key used for sending 
the session key to the other party. 

Structures of cellular phone 105, memory card 140 and distribution 
server 12 of the fifth embodiment will now be described in greater detail. 
30 Fig. 32 is a schematic block diagram showing the structure of 

cellular phone 105 in the fifth embodiment. 

Cellular phone 105 differs from cellular phone 101 of the second 
embodiment shown in Fig. 12 in that a [KPp, CrtfJKPmaster holding unit 
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1525 for holding public encryption key KPp and certificate data Crtf, which 
are encrypted with public decryption key (public authentication key) 
KPmaster, is used instead of KPp holding unit 1524. 

Structures of cellular phone 105 other than the above are 
substantially the same as those of cellular phone 101 of the second 
embodiment shown in Fig. 12. The same portions bear the same reference 
numbers, and description thereof is not repeated. 

Fig. 33 is a schematic block diagram showing a structure of 
distribution server 12 corresponding to memory card 140 of the fifth 
embodiment. Distribution server 12 in Fig. 33 differs from distribution 
server 11 of the second embodiment shown in Fig. 11 in that data 
processing unit 310 further includes a KPmaster holding unit 324 for 
holding public decryption key KPmaster, and a decryption processing unit 
326 for decrypting the data, which is applied over the communication 
network to data bus BSl via communication device 350, based on public 
decryption key KPmaster output from KPmaster holding unit 324. 
Encryption processing unit 316 encrypts session key Ks generated by Ks 
generating unit 314 with public encryption key KPmedia extracted by the 
decrypting processing of decryption processing unit 326. Distribution 
control unit 312 determines whether the memory card and the cellular 
phone requesting for the distribution are regular or not, based on certificate 
data Crtf extracted by decrypting processing of decryption processing unit 
326. 

Structures of distribution server 12 other than the above are 
substantially the same as those shown in Fig. 12. The same portions bear 
the same reference numbers, and description thereof is not repeated. 

Fig. 34 is a schematic block diagram showing a structure of a 
memory card 140 of the fifth embodiment, and corresponds to Fig. 13 
showing the second embodiment. 

The structure of memory card 140 of the fifth embodiment differs 
from the structure of memory card 120 of the second embodiment in that 
memory card 140 includes a [KPmedia, Crtf]KPmaster holding unit 1442 
for holding public encryption key KPmedia and certificate data Crtf in a 
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form encrypted with public decryption key (public authentication key) 
KPmaster. Further, selector switch 1436 is not employed, and the output 
of [KPmedia, Crtf]KPmaster holding unit 1442 is directly applied to data 
bus BS3. 

5 Additionally, memory card 140 includes KPmaster holding unit 1450 

for recording and holding public decryption key KPmaster, and a 
decryption processing unit 1452 for decrypting data on data bus BS3 based 
on public decryption key KPmaster output from KPmaster holding unit 
1450. 

10 Public encryption key KPmedia, which is decrypted and extracted by 

decryption processing unit 1452, is applied to encryption processing unit 
1430. Certificate data Crtf, which is likewise decrypted and extracted by 
decryption processing unit 1452, is applied to controller 1420 via data bus 
BS5. 

15 Structures of memory card 140 other than the above are 

substantially the same as those of memory card 120 shown in Fig. 13. The 
same portions bear the same reference numbers, and description thereof is 
not repeated. 
[Distribution Mode] 

20 Figs. 35 and 36 are first and second flowcharts representing the 

distribution mode using memory card 140 shown in Fig. 34, respectively. 

In the operations shown in Figs. 35 and 36, user 1 uses cellular 
phone 105 provided with memory card 140 for receiving the content data 
distributed from distribution server 12. 
25 First, user 1 requests the distribution via cellular phone 105, e.g., by 

operating keys or buttons on touch key unit 1108 (step S100). 

The public encryption key held in memory card 140 is represented as 
public encryption key KPmedia(l) for distinguishing it from public 
encryption key KPmedia in another memory card. Further, certificate 
30 data in memory card 140 and cellular phone 105 are indicated by Crtf(l) 
and Crtf(p), respectively. 

In memory card 140, [KPmedia, Crtf]KPmaster holding unit 1442 
responds to this distribution request by outputting data [KPmedia(l), 
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Crtf(l)]KPmaster prepared by encrypting public encryption key 
KPmedia(l) and certificate data Crtf(l) (step S102'). 

Cellular phone 105 outputs data [KPmedia(l), Crtf(l)]KPm aster 
applied from memory card 140 as well as data [KPp, Crtf(p)]KPm aster 
5 applied from [KPp, CrtfjKPmaster holding unit 1525 and the distribution 
request to distribution server 12 (step S103). 

When distribution server 12 receives the distribution request as well 
as data [KPp, Crtf(p)]KPmaster and [KPmedia(l), Crtf(l)]KPm aster 
transferred from memory card 140 (step S104'), decryption processing unit 
10 326 decrypts them with public decryption key KPmaster to extract 

certificate data Crtf(l) and Crtf(p) as well as public encryption key KPp 
and public encryption key KPmedia(l) (step S105). 

Based on certificate data Crtf(l) and Crtf(p) thus decrypted, 
distribution control unit 312 makes an inquiry to distribution server 12. 
15 When both certificate data Crtf(l) and Crtf(p) of the memory card and the 
cellular phone are regular certificate data (step S106'), the processing 
moves to the next step. When at least one of them is not regular data, the 
processing ends (step S154). 

When it is determined from the inquiry that the data is regular 
20 certificate data, distribution server 12 produces session key Ks from session 
key generating unit 314. Further, encryption processing unit 316 in 
distribution server 12 encrypts session key Ks to produce encrypted session 
key [Ks]Kmedia(l) (step S108). 

Then, distribution server 12 applies encrypted session key 
25 [Ks]Kmedia(l) to data bus BS1. Communication device 350 sends 

encrypted session key [Ks]Kmedia(l), which is applied from encryption 
processing unit 316, over the communication network to memory card 140 
of cellular phone 105 (step Si 10). 

When cellular phone 105 receives encrypted session key 
30 [Ks]Kmedia(l) (step Si 12), decryption processing unit 1404 in memory card 
140 decrypts the data applied to data bus BS3 via memory interface 1200 
with private decryption key Kmedia(l) so that session key Ks is decrypted 
and extracted (step Si 14). 
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In memory card 1400, Ksl generating unit 1432 produces session key 
Ksl (step SI 15). 

In the distribution mode, since selector switch 1409 selects the state 
for successively closing contacts Pa and Pb, encryption processing unit 1406 
5 encrypts session key Ksl applied from session key generating unit 1432 via 
contact Pa and public encryption key KPcard(l) (public encryption key for 
memory card 140) applied from KPcard(l) holding unit 1405 via contact Pb 
with session key Ks (step Si 16) to produce data [KPcard(l), Ksl]Ks (step 
S118). 

10 Cellular phone 105 sends data [KPcard(l), Ksl]Ks encrypted by 

encryption processing unit 1406 to distribution server 12 (step S120). 

In distribution server 12, communication device 350 receives data 
[KPcard(l), Ksl]Ks (step S122), and decryption processing unit 318 
decrypts data [KPcard(l), Ksl]Ks applied to data bus BSl with session key 

15 Ks to decrypt and extract public encryption key KPcard(l) and session key 
Ksl (step S124). 

Then, distribution control unit 312 produces license information data 
License including license ID data and others based on the data held in 
distribution information database 304 and others (step S126). 
20 Distribution server 12 obtains encrypted content data [Dc]Kc from 

distribution information database 304, and sends it to memory card via 
communication device 350 (step S128). 

When cellular phone 105 receives encrypted content data [Dc]Kc 
(step S130), memory card 140 stores encrypted content data [Dc]Kc thus 
25 received in memory card 1412 as it is (step S132). 

Distribution server 12 obtains license key Kc from distribution 
information database 304 (step S134), and encryption processing unit 320 
encrypts license key Kc and license information data License applied from 
distribution control unit 312 with public encryption key KPcard(l) applied 
30 from decryption processing unit 318 (step S136). 

Encryption processing unit 322 receives data [Kc, License] Kcard(l) 
encrypted by encryption processing unit 320, and encrypts it with session 
key Ksl, which is applied from memory card 140, for outputting the further 
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encrypted data to data bus BSl. Communication device 350 sends data 
[[Kc, License] Kcard(l)]Ksl encrypted by encryption processing unit 322 to 
memory card 140, 

When cellular phone 105 receives data [[Kc, License]Kcard(l)]Ksl 
5 (step S142), decryption processing unit 1410 in memory card 140 decrypts 
it with session key Ksl applied from Ksl generating unit 1432 via contact 
Pf so that data [Kc, License]Kcard(l) is extracted and stored in memory 
1412 (step S146). 

In memory card 140, decryption processing unit 1416 decrypts data 
10 [Kc, License] Kcard(l) stored in memory 1412 under the control of controller 
1420, and stores decrypted license information data License in register 
1500 (step S 148). 

Through the above described, memory card 140 can receive the 
distributed data after memory card 140 itself sends public encryption key 
15 KPmedia(l) and session key Ksl to the sender side (distribution server 12) 
of the encrypted content data, and thereby memory card 140 can enter the 
state, in which the music information can be reproduced. 

Further, memory card 140 sends a notification of distribution 
acceptance to distribution server 12. When distribution server 12 receives 
20 this distribution acceptance notification (step S150), accounting database 
302 stores accounting data of user 1 (step S152), and the processing ends 
(step S154). 

In the distribution mode described above, the content data is 
distributed after the authentication of the memory card and cellular phone. 
25 Therefore, security of the system and the copyright protection are further 
enhanced. 

[Reproduction Mode] 

Figs. 37 and 38 are first and second flowcharts representing the 
reproducing processing performed in cellular phone 105 for decrypting the 
30 encrypted content data held in memory card 140 to produce music signals 
and output externally the same as music. 

Referring to Figs. 37 and 38, user 1 applies a reproduction request to 
cellular phone 105 via touch key unit 1108 or the like of cellular phone 105 
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(step S200). 

In response to this, cellular phone 105 sends data [KPp, 
Crtf(p)]KPmaster to memory card 140 (step S241). 

When memory card 140 receives data [KPp, Crtf(p)]KPmaster, 
5 decryption processing unit 1452 performs the decryption to extract public 
encryption key KPp and data Crtf (step S243). 

Based on extracted certificate data Crtf, controller 1420 determines 
whether cellular phone 105 is a regular device or not (step S245). When it 
is a regular device, the processing moves to a next step S246. When it is 
10 not regular, the processing ends (step S280). 

When it is determined that cellular phone 105 is a regular device, 
memory card 140 produces session key Ksl (step S246). Memory card 140 
further encrypts session key Ksl with extracted public encryption key KPp 
(step S248), and sends encrypted session key [Ksl]Kp thus produced to 
15 cellular phone 105 (step S250). 

When cellular phone 105 receives encrypted session key [Ksl]Kp 
from memory card 140, decryption processing unit 1522 decrypts it with 
private decryption key Kp to extract session key Ksl produced by memory 
card 140 (step S252). Then, Ks generating unit 1502 produces session key 
20 Ks (step S253), and encryption processing unit 1504 in cellular phone 105 
encrypts session key Ks produced by cellular phone 105 with session key 
Ksl to produce encrypted session key [Ks]Ksl (step S254) and send it to 
memory card 140 (step S256), 

Memory card 140 receives session key Ks, which was produced and 
25 encrypted by cellular phone 105, via data bus BS2, and decrypts it with 

session key Ksl to extract session key Ks, which was produced by cellular 
phone 105 (step S258). 

Subsequently, controller 1420 in memory card 140 determines the 
reproducibility based on license information data License held by register 
30 1500 (step S259). When it is reproducible, the processing moves to the 
next step. When it is not reproducible, the processing ends (step S280). 

In memory card 140, encrypted data [Kc, License] Kcard(l) is read 
out from memory 1412, and is decrypted by decryption processing unit 1416 
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(step S260). 

When the data read from memory 1412 is decodable with private 
decryption key Kcard(l) (step S262), license key Kc is extracted (step S264). 
When it is not decodable, the processing ends (step S280). 
5 When data read from memory 1412 is decodable, processing is 

performed to change the data, which is contained in license information 
data License in register 1500, and is related to the reproduction times (step 
S266). 

In memory card 140, encryption processing unit 1406 then encrypts 
10 license key Kc with extracted session key Ks (step S268), and applies 
encrypted license key [Kc]Ks to data bus BS2 (step S270). 

Decryption processing unit 1506 in cellular phone 105 performs the 
decryption with session key Ks to obtain license key Kc (step S272). 

Then, memory card 140 reads out encrypted content data [Dc]Kc 
15 from memory 1412, and applies it to data bus BS2 (step S274). 

Audio decoding unit 1508 in cellular phone 105 decrypts encrypted 
content data [Dc]Kc with extracted license key Kc to produce plaintext 
content data (step S276), and reproduces music signals from the content 
data for applying them to mixing unit 1510 (step S276). Digital-to-analog 
20 converter 1512 converts the data received from mixing unit 1510, and 

externally outputs the reproduced music. Then, the processing ends (step 
S232). 

Owing to the above structures, the memory card itself and the 
cellular phone itself produce session keys Ksl and Ks, respectively, and the 
25 reproduction can be performed after the encrypted data is transmitted 
using these keys. 

Further, the reproduction is performed after memory card 140 
authenticates cellular phone 105. This improves the security of the system 
and the copyright protection. 
30 [Transfer Mode or Duplication Mode] 

Figs. 39 and 40 are first and second flowcharts representing the 
transfer or duplication of the content data, key data and others between 
two memory cards. 
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It is assumed that a cellular phone 106 having substantially the 
same structure as cellular phone 105 is on the sender side, and cellular 
phone 105 is on the receiver side. A memory card 142 having 
substantially the same structure as memory card 140 is attached to cellular 
phone 106. 

Cellular phone 106 first outputs a transfer request or a duplication 
request to cellular phone 105 (step S300). 

When cellular phone 105 receives this request (step S301), memory 
card 142 reads out encrypted content data [Dc]Kc corresponding to this 
request from memory 1412, and outputs it to memory card 140 (step S302). 
Memory card 140 stores encrypted content data [Dc]Kc in memory 1412 
(step S304). 

In cellular phones 106 and 105, it is then determined whether the 
request applied in step S300 is a "transfer request" or a "duplication 
request" (steps S306 and S306')- When it is a "transfer request", memory 
card 140 responds to this transfer request by outputting data [KPmedia(l), 
Crtf(l)]KPmaster, which is prepared by encrypting public encryption key 
KPmedia(l) and certificate data Crtf(l), from [KPmedia, Crtf]KPmaster 
holding unit 1442 to cellular phone 105 (step S307). 

Cellular phone 105 sends data [KPmedia(l), Crtf(l)]KPm aster 
received from memory card 140 to cellular phone 106 (step S308). 

In cellular phone 106, when data [KPmedia(l), Crtf(l)]KPmaster 
transferred from memory card 140 is received (step S309), decryption 
processing unit 1452 in memory card 142 decrypts it to extract certificate 
data Crtf(l) and public encryption key KPmedia(l) (step S3 10). 

Based on decrypted certificate data Crtfil), controUer 1420 performs 
the authentication. When it is determined that the access is made from a 
regular memory card (step S3 11), the processing moves to a next step. 
When it is not a regular card, cellular phone 106 notifies that the transfer 
is not allowed, and memory card 142 ends the processing (step S374). 
When cellular phone 105 receives the notification that the transfer is not 
allowed (step S3 13), memory card 140 ends the processing (step S374). 

When it is determined in step S3 11 that the access is made from the 
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regular memory card, Ks2 generating unit 1432 of memory card 142 
produces session key Ks2 (step S3 14), and encryption processing unit 1430 
encrypts session key Ks2 with public encryption key KPmedia(l) (step 
S315). 

5 Cellular phone 106 sends encrypted session key [Ks2]KPmedia(l) to 

cellular phone 105 (step S3 16). Cellular phone 105 receives encrypted 
session key [Ks2]KPmedia(l) (step S3 18), and transmits it to memory card 
140. Memory card 140 decrypts it by decryption processing unit 1404, and 
accepts session key Ks2 (step S320). Further, session key Ksl is produced 

10 in memory card 140 (step S321). 

In memory card 140, public encryption key KPcard(l) and session 
key Ksl of memory card 140 are encrypted with session key Ks2 (step 
S322), and encrypted data [KPcard(l), Ksl]Ks2 is sent from cellular phone 
105 to cellular phone 106 (step S324). Cellular phone 106 receives data 

15 [KPcard(l), Ksl]Ks2 (step S326), and transfers it to memory card 142. 

In memory card 142, decryption processing unit 1410 decrypts 
encrypted data [KPcard(l), Ksl]Ks2 sent from memory card 140 with 
session key Ks2 to extract public encryption key KPcard(l) and session key 
Ksl of memory card 140 in the decrypted form (step S330). 

20 In memory card 142, data [Kc, License]Kcard(2) corresponding to 

license key Kc and license information data License, which are encrypted 
with public encryption key KPcard(2) of memory card 142, is read out from 
memory 1412 (step S332). 

Then, decryption processing unit 1416 decrypts license key Kc and 

25 license information data License with private decryption key Kcard(2) (step 
S334). 

Controller 1420 of memory card 142 substitutes a value of license 
information data License thus decrypted for a data value in register 1500 
(step S336). 

30 Further, encryption processing unit 1414 of memory card 142 

encrypts license key Kc and license information data License with public 
encryption key KPcard(l) of memory card 140 extracted by decryption 
processing unit 1410 (step S338). 
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The data encrypted by encryption processing unit 1414 in memory 
card 142 is further applied to encryption processing unit 1406 via selector 
switch 1409 having contact Pd in the closed position, and encryption 
processing unit 1406 of memory card 142 encrypts data [Kc, 
5 License]Kcard(l) with session key Ksl to produce data [[Kc, 
License]Kcard(l)]Ksl (step S340). 

Then, memory card 142 outputs data [[Kc, License] Kcard(l)]Ksl to 
cellular phone 106 (step S342), and cellular phone 106 sends data [[Kc, 
License]Kcard(l)]Ksl to cellular phone 105 (step S344). 

10 Cellular phone 105 receives data [[Kc, License]Kcard(l)]Ksl (step 

S346), and transmits it to memory card 140. Decryption processing unit 
1410 of memory card 140 decrypts encrypted data [[Kc, 
License]Kcard(l)]Ksl to accept data [Kc, License] Kcard(l) (step S348). 
In memory card 140, data [Kc, License]Kcard(l) decrypted by 

15 decryption processing unit 1410 based on session key Ksl is stored in 

memory 1412 (step S350). In memory card 140, decryption processing unit 
1416 decrypts data [Kc, License]Kcard(l) based on private decryption key 
Kcard(l), and decrypted license information data License is stored in 
register 1500 (step S352). 

20 After the above processing, the processing in the transfer mode as 

well as the processing of memory cards 140 and 142 in the duplication 
mode are performed similarly to those of memory cards 120 and 122 of the 
second embodiment, which are already described with reference to Figs. 18 
and 19. Therefore, description thereof is not repeated. 

25 Owing to the above structure, each of the memory cards of the sender 

and the receiver produces the session key by itself, and thereby the transfer 
operation and the duplication operation are allowed. 

Accordingly, the encryption key of the data transmitted on the data 
bus and others is unique to every session and every device so that the 

30 security of data transmission is further improved. 

Owing to the above structure, data transfer from memory card 142 to 
memory card 140 can be performed without using the cellular phone 
terminal having session key generating circuit 1502 described above, but 
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with the interface device, which can connects the memory cards to each 
other. This further improves the convenience of the user. 

In the transfer mode, the license information data, which is 
contained in the reproduction information for restricting the times of 
reproduction, is updated by changing the license information data recorded 
in memory 1412 into the license information data recording the times of 
reproduction, which were corrected upon every reproduction by register 
1500. In this manner, even when the content data moves between the 
memory cards, such a control can be performed that the times of 
reproduction of the content data, of which reproduction is allowed only 
restricted times, do not exceed the reproduction times determined at the 
time of distribution. 

Further, the transfer operation is performed after memory card 142 
authenticates memory card 140 so that the system security and the copy 
right protection are improved. 
[Sixth Embodiment] 

Fig. 41 is a schematic block diagram showing a structure of content 
data vending machine 3010 of a sixth embodiment of the invention, and 
corresponds to Fig. 27 showing the fourth embodiment. 

In the following description, a memory slot 2030 for interface to 
memory card 140 already described in connection with the fifth 
embodiment is employed, and memory card 140 and content data vending 
machine 3010 can directly transmit the data to and from each other 
without interposing cellular phone 105 therebetween, as can be done in the 
modification of the fourth embodiment. 

Naturally, such a structure may be employed that connector 2010 is 
used for transmitting the data between memory card 140 and content data 
vending machine 3010 via cellular phone 105. 

Accordingly, the structure of content data vending machine 3010 
differs from the structure of content data vending machine 3000 of the 
fourth embodiment in that memory slot 2030 is employed instead of 
connector 2010, and data processing unit 2100 further includes a KPmaster 
holding unit 324 for holding public decryption key KPmaster and 
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decryption processing unit 326 for decrypting the data, which is applied to 
data bus BSl via communication device 350 and the communication 
network, based on public decryption key KPmaster output from KPmaster 
holding unit 324. Encryption processing unit 316 encrypts session key Ks 
5 generated by Ks generating unit 314 with public encryption key KPmedia, 
which is extracted by the decrypting processing of decryption processing 
unit 326. Based on certificate data Crtf extracted by the decrypting 
processing of decryption processing unit 326, distribution control unit 312 
determines whether the memory card requesting the distribution is a 
10 regular memory card or not. 

Structures of content data vending machine 3010 other than the 
above are substantially the same as those of content data vending machine 
3000 shown in Fig. 27. The same portions bear the same reference 
numbers, and description thereof is not repeated. 
15 [Distribution Mode] 

Figs. 42 and 43 are first and second flowcharts representing the 
distribution operation in the data distribution system using content data 
vending machine 3010 already described with reference to Fig. 41. 

Figs. 42 and 43 represent operations, in which user 1 uses memory 
20 card 140 for receiving the content data (music data) distributed from 
content data vending machine 3010. 

First, the user applies the distribution request, e.g., by operating 
keys or buttons on keyboard 2004 of content data vending machine 3010 
(step S500). 

25 Content data vending machine 3010 outputs a request for sending 

data [KPmedia, CrtfJKPmaster for authentication to memory card 140 (step 
S502'). 

In response to this request for sending, [KPmedia, CrtfJKPmaster 
holding unit 1442 in memory card 140 outputs data [KPmedia(l), 
30 Crtf(l)]KPmaster, which is prepared by encrypting public encryption key 
KPmedia(l) and certificate data Crtf(l), to content data vending machine 
3010 (step S507). 

When content data vending machine 3010 receives data [KPmedia(l), 
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Crtf(l)]KPmaster transferred from memory card 140, decryption processing 
unit 326 decrypts it with public decryption key KPmaster to extract 
certificate data Crtf(l), public encryption key KPp and public encryption 
key KPmedia(l) (step S509). 
5 Based on decoded certificate data Crtf(l), distribution control unit 

312 determines whether the access is made by a regular memory card or 
not. When the regular card is used (step S51 1), the processing moves to 
the next step. When the regular memory card is not used, record of 
abnormal ending is stored in the administration database of administration 
10 server 2200 (step S561), and the processing ends (step S562). 

When content data vending machine 3010 determines in step S511 
that the regular card is used, display 2002 displays a message or the like 
requesting coin dropping, and the charge is collected (step S512). 

Then, session key generating unit 314 in content data vending 
15 machine 3010 produces session key Ks. In content data vending machine 
3010, encryption processing unit 316 encrypts session key Ks with received 
public encryption key KPmedia(l) to produce encrypted session key 
[Ks]Kmedia(l) (step S514). 

Then, content data vending machine 3000 applies encrypted session 
20 key [Ks]Kmedia(l) to data bus BSl, and outputs it from card slot 2030 (step 
S516). 

In memory card 140, decryption processing unit 1404 decrypts 
encrypted session key [Ks]Kmedia(l), which is applied via interface 1200 to 
data bus BS3, with private decryption key Kmedia(l) to extract session key 

25 Ks in the decrypted form (step S520). Further, session key Ksl is 
produced in memory card 140 (step S521). 

In the distribution mode, selector switch 1408 is in the state closing 
contact Pa so that encryption processing unit 1406 encrypts public 
encryption key KPcard(l) applied from KPcard(l) holding unit 1405 via 

30 contact Pa with session key Ks (step S522) to produce data [KPcard(l)]Ks 
(step S524). 

In content data vending machine 3010, data [KPcard(l)]Ks is 
received via card slot 2030 (step S528), and decryption processing unit 318 
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decrypts data [KPcard(l)]Ks applied to data bus BSl with session key Ks to 
extract public encryption key KPcard(l) in the decrypted form (step S530). 

Then, distribution control unit 312 produces license information data 
License containing license ID data and others based on the data held in 
5 distribution information database 304 and others (step S532). 

Content data vending machine 3010 obtains encrypted content data 
[Dc]Kc from distribution information database 304, and sends it to memory 
card 140 via card slot 2030 (step S534). 

Memory card 140 receives and stores encrypted content data [Dc]Kc 
10 in memory 1412 as it is (step S538). 

Content data vending machine 3010 obtains license key Kc from 
distribution information database 304 (step S540), and encryption 
processing unit 320 encrypts license key Kc and license information data 
License sent from distribution control unit 312 with public encryption key 
15 KPcard(l) applied from decryption processing unit 318 (step S542). 

Encryption processing unit 322 receives data [Kc, License]Kcard(l) 
encrypted by encryption processing unit 320, and further encrypts it with 
session key Ksl to apply data [[Kc, License]Kcard(l)]Ksl to data bus BSl 
so that data [[Kc, License]Kcard(l)]Ksl thus encrypted by encryption 
20 processing unit 322 is sent to memory card 140 (step S546). 

In memory card 1410, decryption processing unit 1410 decrypts data 
[[Kc, License]Kcard(l)]Ksl with session key Ksl to extract and store data 
[Kc, License]Kcard(l) in memory 1412 (step S552). 

Further, in memory card 140, decryption processing unit 1416 
25 controlled by controller 1420 decrypts data [Kc, License] Kcard(l) stored in 
memory 1412, and stores decrypted license information data License in 
register 1500 (step S554). 

By the operations described above, memory card 140 enters the state, 
in which the music can be produced from the content data. 
30 Further, memory card 140 sends a notification of distribution 

acceptance to content data vending machine 3010 (step S558). When 
content data vending machine 3010 receives the distribution acceptance, a 
sales record is sent to the administration database in administration server 
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2200 (step S560), and the processing ends (step S562). 

Owing to the structures described above, the user can receive more 
easily the distributed content data such as music data in the encrypted 
form. Further, the content data is distributed after the authentication of 
the memory card. Therefore, the system security and the copyright 
protection are further enhanced. 
[Seventh Embodiment] 

Fig. 44 is a schematic block diagram showing a structure of a cellular 
phone 107 of the seventh embodiment. 

Cellular phone 107 in Fig. 44 differs from cellular phone 105 of the 
fifth embodiment shown in Fig. 32 in that cellular phone 107 includes a 
Kcom holding unit 1530 for holding a decryption key Kcom common to 
reproduction devices (i.e., cellular phones), and a decryption processing 
unit 1532, which receives the output of decryption processing unit 1506, 
performs the decryption with decryption key Kcom, and applies license key 
Kc to audio decoding unit 1508. 

Structures of cellular phone 107 other than the above are 
substantially the same as those of cellular phone 105 of the fifth 
embodiment shown in Fig. 32. The same portions bear the same reference 
numbers, and description thereof is not repeated. Memory card 140 has 
substantially the same structure. 

Thus, the structures in the seventh embodiment are substantially 
the same as those of the fifth embodiment except for that license key Kc 
transmitted between the devices forming the system takes the further 
encrypted form of [Kc]Kcom before license key Kc is finally applied to audio 
decoding unit 1508 in the seventh embodiment. 

In the following description, it is assumed that decryption key Kcom 
is a common key. However, the invention is not restricted to this. For 
example, such a structure may be employed that encryption is performed 
with public key KPcom, and decryption is performed with private 
decryption key Kcom asymmetrical to public encryption key KPcom. 

Fig. 45 is a schematic block diagram showing a structure of a 
distribution server 13 corresponding to cellular phone 107 in the seventh 
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embodiment. The structure of distribution server 13 differs from the 
structure of distribution server 12 of the fifth embodiment shown in Fig. 33 
in that data processing unit 310 further includes a Kcom holding unit 330 
holding decryption key Kcom, and an encryption processing unit 332, which 
5 decrypts license key Kc applied from distribution information database 304 
via distribution control unit 312 with decryption key Kcom to produce and 
apply an encrypted license key [Kc]Kcom to encryption processing unit 320. 

Structures of distribution server 13 other than the above are 
substantially the same as those of distribution server 12 of the fifth 
10 embodiment shown in Fig. 33. The same portions bear the same reference 
numbers, and description thereof is not repeated. 
[Distribution Mode] 

Figs. 46 and 47 are first and second flowcharts representing the 
distribution mode using distribution server 13 and cellular phone 107 
15 already described with reference to Figs. 44 and 45. 

Figs. 46 and 47 likewise represent operations, in which user 1 uses 
memory card 140 for receiving the content data (music data) distributed 
from distribution server 13. 

However, the processing shown in Figs. 46 and 47 is substantially 
20 the same as the processing in the distribution mode of the fifth embodiment 
shown in Figs. 35 and 36 except for that distribution server 13 obtains 
license key Kc from distribution information database 304 in step S3 14, 
and then key Kc is encrypted by encryption processing unit 322 (step S135), 
and will be transmitted as encrypted license key [Kc]Kcom. Therefore, 
25 description thereof is not repeated. 

The distribution mode described above further enhances the system 
security, as compared with the fifth embodiment. 
[Reproducing Operation] 

Figs. 48 and 49 are first and second flowcharts representing the 
30 reproducing operation, in which music signals are reproduced from 

encrypted content data held in memory card 140 of cellular phone 107, and 
are externally output as music. 

However, the reproducing operations shown in Figs. 48 and 49 are 
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the same as the reproducing operations of the fifth embodiment shown in 
Figs. 37 and 38 in that the key read in step S264 from memory 1412 of 
memory card 140 is encrypted license key [Kc]Kcom, and is transmitted as 
encrypted license key [Kc]Kcom to cellular phone 107, and decryption 
5 processing unit 1532 in cellular phone 107 decrypts key [Kc]Kcom in step 
S273 to produce and output license key Kc to audio decoding unit 1508. 
Therefore, description of the same operations is not repeated. 

Owing to the above structure, the system security and the copyright 
protection are further improved in the reproduction mode. 
10 [Transfer or Duplication Mode] 

Figs. 50 and 51 are first and second flowcharts representing the 
processing of transferring or duplicating the content data, key data and 
others between two memory cards in the seventh embodiment. 

The operations in Figs. 50 and 51 are substantially the same as those 
15 in the transfer or duplication mode of the fifth embodiment already 

described with reference to Figs. 39 and 40 except for that license key Kc is 
transmitted as encrypted license key [Kc]Kcom. Therefore, description 
thereof is not repeated. 

The above structure further improves the system security and 
20 copyright protection in the transfer and duplication mode. 
[Eighth Embodiment] 

Fig. 52 is a schematic block diagram showing a structure of a content 
data vending machine 3020 of an eighth embodiment of the invention, and 
corresponds to Fig. 41 showing the sixth embodiment. 
25 The structure of content data vending machine 3020 differs from the 

structure of content data vending machine 3010 of the sixth embodiment in 
that data processing unit 2100 further includes Kcom holding unit 330 
holding decryption key Kcom, and encryption processing unit 332, which 
encrypts license key Kc applied from distribution information database 304 
30 via distribution control unit 312 with decryption key Kcom, and applies 
encrypted license key [Kc]Kcom to encryption processing unit 320. 

Structures of content data vending machine 3020 other than the 
above are substantially the same as those of content data vending machine 
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3010 of the sixth embodiment shown in Fig. 41. The same portions bear 
the same reference numbers, and description thereof is not repeated. 

Naturally, the eighth embodiment can employ the structure, in 
which connector 2010 is used for transmitting data between memory card 
5 140 and content data vending machine 3020 via cellular phone 107. 
[Distribution Mode] 

Figs. 53 and 54 are first and second flowcharts representing the 
distribution mode in the data distribution system, which uses content data 
vending machine 3020 already described with reference to Fig. 52. 
10 Figs. 53 and 54 represent operations, in which user 1 uses memory 

card 140 for receiving the content data (music data) distributed from 
content data vending machine 3020. 

However, the processing shown in Figs. 53 and 54 is substantially 
the same as the processing in the distribution mode of the fifth embodiment 
15 shown in Figs. 42 and 43 except for that content data vending machine 

3020 obtains license key Kc from distribution information database 304 in 
step S540, and then encryption processing unit 322 encrypts license key Kc 
(step S541) for transmitting it as encrypted license key [Kc]Kcom thereafter. 
Therefore, description thereof is not repeated. 
20 The distribution mode described above further enhances the system 

security, as compared with the sixth embodiment. 

In the above description, the encrypted content data is distributed 
and stored in memory 1412 of memory card 110, 120 or 140, and then 
license key Kc and license information data License are received. In 
25 contrast to the above, such a manner may be employed that the encrypted 
content data is distributed and received after license key Kc and license 
information data License are distributed and stored in register 1500 of 
memory card 110, 120 or 140. 

In the transfer mode, any one of the encrypted content data, license 
30 key Kc and license information data License can be transferred prior to the 
others, similarly to the distribution mode. 

In the embodiments described above, additional data Di may be 
distributed as a part of the distributed data together with the encrypted 
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content data. This additional data Di may be non-encrypted data 
appended to the content data, and may be, for example, copyright 
information related to the music data (content data) such as title of a tune 
of the music data and names of a performer (e.g., singer or player), a 
5 composer and/or a lyric writer, and/or information for accessing distribution 
server 10 or 11, or content data vending machine 3000 or 3001. Additional 
data Di is stored in memory 1412 such that additional data Di can be 
processed together with the content data in the distribution, transfer and 
duplication operations, and is separated from the content data for allowing 
10 independent access in the reproducing operation. 
[Ninth Embodiment] 

Fig. 55 is a schematic block diagram showing a structure of terminal 
1202 of memory card 110, 120, 140 or the like described above. 

It is assumed that the structure of terminal 1202 in Fig. 55 is 
15 employed in memory card 140. 

Memory card 140 is serially supplied with data and commands from 
terminal 1202. In contrast to this, it is assumed that the data and 
commands are transmitted in parallel to data bus BS3 in memory card 140. 
Fig. 55 is a schematic block diagram showing a structure for 
20 performing serial-to-parallel conversion of data for input to memory card 
140 and parallel-to-serial conversion of data for output. 

A data pin 1460 in terminal 1202 is supplied with a signal CS, which 
is a signal for instructing timing of input and output of data. For example, 
data applied to a data input pin 1462 attains L-level when a predetermined 
25 period expires after signal CS becomes active (L-level), whereby the timing 
of data input is detected. Similarly, the data output to a data output pin 
1464 attains L-level when a predetermined period expires after activation 
(L-level) of signal CS, whereby the timing of data output is detected. An 
interface controller 1490 controls external input of data via data bus BS3 to 
30 memory card 140, and also controls external output of data via data bus 
BS3 from memory card 140. 

In the data input operation, data applied to data input pin 1462 is 
input via buffer 1468 to D-flip-flops 1470.0 - 1470.7 connected in tandem. 
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When eight bits of data are input, data of all D-flip-flops 1470.0 - 1470.7 
are updated. At this point in time, data are output in parallel to data bus 
BS3 from data buffers 1427.0 - 1427.7 under the control of interface 
controller 1490. 

5 At the time of data output, data are given in parallel from data bus 

BS3 via multiplexers 1476.1 - 1476.7, and are stored in D-flip-flops 1474.0 - 
1474.7. Thereafter, connection of multiplexers 1476.1 - 1476.7 is changed 
under the control of interface controller 1490 to connect D-flip-fLops 1474.0 - 
1474.7 in tandem. In this state, data stored in respective D-flip-flops 

10 1474.0 - 1474.7 is serially output from data output pin 1464 via an output 
buffer 1470 controlled by interface controller 1490. 
[Modification of the Ninth Embodiment] 

Fig. 56 is a schematic block diagram showing a modification of the 
structure of terminal 1202 of memory card 140, and particularly showing a 

15 structure, in which the data input pin(s) can be changed in number from 
one to two or four for improving the data input speed. 

The structure of this modification differs from the structure shown in 
Fig. 55 in that the structure in Fig. 56 includes four data input pins 1462.0 
- 1462.3 as well as corresponding input buffers 1468.0 - 1468.3. Further, 

20 the structure in Fig. 56 includes a multiplexer 1467 for transmitting 

commands, which are applied to data input pins 1462.0 - 1462.3, from input 
buffers 1468.0 - 1468.3 to interface controller 1490, and multiplexers 
1469.1 - 1469.7 for selectively applying data or commands, which are 
applied to data input pins 1462.0 - 1462.3, from input buffers 1468.0 - 

25 1468.3 to D-flip-flops 1470.0 - 1470.7. 

Operations will now be described briefly. 

After the power-on, memory card 140 first enters the state for 
receiving data only from one data input pin 1462.0. 

In the following description, it is assumed that interface controller 
30 1490 controls multiplexers 1469.1 - 1469.7 in accordance with a command, 
which is externally applied via data input pins 1462.0 - 1462.3 and 
multiplexer 1467 to interface controller 1490, and thereby the operation 
mode changes into a mode for receiving data in parallel via four data input 
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pins 1462.0 - 1462.3. 

Data applied to four data input pins 1462.0 - 1462.3 in accordance 
with first timing is applied to D-flip-flops 1470.0 - 1470.3 via multiplexers 
1469.1 - 1469.3, respectively. 
5 In accordance with second timing, connection of multiplexers 1469.1 

- 1469.7 changes so that the outputs of D-flip-flops 1470.0 - 1470.3 are 
applied to D-flip-flops 1470.4 - 1470.7 for storing. In accordance with third 
timing, data applied to four data input pins 1462.0 - 1462.3 is applied via 
multiplexers 1469.1 - 1469.3 to D-flip-flops 1470.0 - 1470.3. 

10 By the above operations, eight bits of data are completely stored in 

D-flip-flops 1470.0 - 1470.7. Thereafter, eight bits of data are applied in 
parallel to data bus BS3, similarly to the operations shown in Fig. 55. 

Operations for data output are performed similarly to that of the 
structure shown in Fig. 55. 

15 Owing to the structure described above, it is possible to reduce a time 

required for data distribution, and particularly for operations of 
distributing data to memory card 140 for purchasing content data from 
content data vending machine 2000 or the like. 

For some of the embodiments described above, description has been 

20 given on the processing of transferring content data between two memory 
cards, which are attached to two cellular phones, respectively, by utilizing, 
e.g., a transceiver mode of PHSs. In these embodiments utilizing the 
transceiver mode or the like, structures are not restricted to those already 
described, and two memory cards may be simultaneously attached to one 

25 cellular phone, if allowed, for transferring the content data between the two 
memory cards on the same cellular phone. The transfer of the content 
data in this case can be performed substantially in the same manner as 
those in the various embodiments already described except for the 
transmission between the two cellular phones is ehminated. 

30 In the respective embodiments already described, memory 1412 

stores license key Kc in the encrypted form. However, register 1500 may 
store license key Kc in a decrypted plaintext form. This is allowed because 
register 1500 is arranged within the TRM region, and license key Kc cannot 
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be read out from an external region. 

In the respective embodiments already described, encrypted content 
data [Dc]Kc and license key Kc are stored in the memory card releasably 
attached to cellular phone 100 or the like. However, a circuit having a 
5 function similar to that of the memory card may be incorporated into a 

cellular phone. In this case, the keys are not defined corresponding to the 
respective types of memory cards and the respective memory cards, but are 
defined corresponding to the respective types of the incorporated circuits 
and corresponding to the respective incorporated circuits. 
10 Although the present invention has been described and illustrated in 

detail, it is clearly understood that the same is by way of illustration and 
example only and is not to be taken by way of limitation, the spirit and 
scope of the present invention being limited only by the terms of the 
appended claims. 
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CLAIMS 

1. (Amended) A data distribution system for distributing at least a 
license key for decrypting encrypted content data between said license key 
5 and said encrypted content data to each of terminals of a plurality of users 
from a content data supply device, comprising: 

a first interface unit (350) for externally transmitting data; 
a first session key generating unit (314) for producing a first 
symmetric key to be updated in response to every transmission of said 
10 license key; 

a session key encryption processing unit (3 16) for encrypting said 
first symmetric key with a first public encryption key, and applying the 
encrypted first symmetric key to said first interface unit; 

a session key decrypting unit (318) for decrypting a second 
15 symmetric key and a second public encryption key returned after being 

encrypted with said first symmetric key based on said first symmetric key 
to extract said second symmetric key and said second public encryption key; 

a first license data encryption processing unit (320) for encrypting 
said license key with said second public encryption key extracted by said 
20 session key decrypting unit; and 

a second license data encryption processing unit (822) for further 
encrypting the output of said first license data encryption processing unit 
with said second symmetric key extracted by said session key decrypting 
unit, and supplying the encrypted output to said first interface unit, 
25 wherein 

each of said terminals includes: 

a second interface unit for externally transmitting the data, and 
a data storing unit (140) for receiving and storing at least said 
license key from said content data supply device; 
30 said first public encryption key is predetermined for said data 

storing unit; and 

said data storing unit includes: 

a first key holding unit (1402) for holding a first private decryption 
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key for decrypting the data encrypted with said first public encryption key, 

a first decryption processing unit (1404) for receiving and decrypting 
said first symmetric key encrypted with said first public encryption key, 

a second key holding unit (1405) for holding said second public 
5 encryption key, 

a second session key generating unit (1432) for producing said 
second symmetric key, 

a first encryption processing unit (1406) for encrypting said second 
public encryption key and said second symmetric key based on said first 
10 symmetric key, and outputting the encrypted keys to said second interface 
unit, 

a second decryption processing unit (1410) for receiving said license 
key encrypted with said second symmetric key, further encrypted with said 
second public encryption key and applied from said second license data 

15 encryption processing unit, and decrypting the received license key based 
on said second symmetric key, 

a third key holding unit (1415) for holding a second private 
decryption key used for decrypting the data encrypted with said second 
public encryption key and being unique to said data storing unit, 

20 a third decryption processing unit (1416) for receiving said license 

key encrypted with said second public encryption key, and decrypting the 
received license key with said second private decryption key for extraction, 
and 

a memory unit (1412) for storing said encrypted content data and 
25 said license key. 

2. (Amended) The data distribution system according to claim 1, 
wherein 

each of said terminals further includes a content reproducing unit; 
30 said content reproducing unit includes: 

a fourth key holding unit (1520) for holding a third private 
decryption key used for decrypting the data encrypted with said third 
public encryption key, 



- 72 - 



1AM1 6 g :l ;l. E! „ O fi 1. «9 Oi 



Translation of Annexes to IPER 
(SUBSTITUTE SHEETS) 

a fourth decryption processing unit (1522) for decrypting and 
extracting said second symmetric key encrypted with said third public 
encryption key in said data storing unit, 

a third session key generating unit (1502) for producing a third 
symmetric key, 

a second encryption processing unit (1504) for encrypting said third 
symmetric key based on said second symmetric key decrypted and extracted 
by said fourth decryption processing unit, and outputting the encrypted 
third symmetric key, 

a fifth decryption processing unit (1506) for decrypting and 
extracting said license key encrypted based on said third symmetric key in 
said data storing unit, and 

a data reproducing unit (1508) for receiving said encrypted content 
data recorded in said memory unit from said data storing unit, and 
decrypting said encrypted content data with said extracted license key for 
reproduction; 

said data storing unit further includes: 

a third encryption processing unit (1430) for encrypting said second 
symmetric key produced by said second session key generating unit based 
on said third public encryption key; and 

said data storing unit sends instructions to receive by said content 
reproducing unit said third symmetric key encrypted with said second 
symmetric key, to encrypt by said first encryption processing unit said 
license key stored in said memory unit with said third symmetric key 
decrypted and extracted based on said second symmetric key by said second 
decryption processing unit (1410), and to output the encrypted license key 
to said content reproducing unit. 

3. (Amended) The data distribution system according to claim 1, 
wherein 

said data storing unit further includes: 

a third encryption processing unit (1430) for encrypting said second 
symmetric key with said first public encryption key of a different data 
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storing unit in a transfer processing for transferring at least said license 
key to said different data storing unit, and 

a fourth encryption processing unit (1414) for performing the 
encrypting processing with the second public encryption key of said 
different data storing unit; 

said second session key generating unit generates said second 
symmetric key in accordance with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth 
symmetric key applied from said different data storing unit after being 
encrypted with said second symmetric key and the second public encryption 
key of said different data storing unit in accordance with said transfer 
processing; 

said fourth encryption processing unit encrypts said license key 
stored in said memory unit with the second public encryption key of said 
different data storing unit in accordance with said transfer processing; and 

said first encryption processing unit encrypts the output of said 
fourth encryption processing unit with said fourth symmetric key, and 
outputs the encrypted output to said different data storing unit in 
accordance with said transfer processing. 

4. (Amended) The data distribution system according to claim 3, 
wherein 

transfer accepting processing of said data storing unit for receiving 
said license key transferred from said different data storing unit in 
accordance with transfer processing of said different data storing unit is 
performed such that: 

said first decryption processing unit decrypts and extracts said 
second symmetric key encrypted with said first public encryption key and 
generated by said different data storing unit in said transfer acceptance 
processing, 

said second session key generating unit generates said fourth 
symmetric key in accordance with said transfer acceptance processing, 
said first encryption processing unit encrypts said second public 
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encryption key and said fourth symmetric key with said second symmetric 
key for output the encrypted keys in accordance with said transfer 
acceptance processing, and 

said second decryption processing unit decrypts with said fourth 
5 symmetric key the license key encrypted with said second public encryption 
key of said different data storing unit, and further encrypted with said 
fourth symmetric key. 

5. (Amended) The data distribution system according to claim 1, 
10 wherein 

said memory unit receives the output of said second decryption 
processing unit, and stores said license key encrypted with said second 
public encryption key, and 

said third decryption processing unit decrypts said license key 
15 encrypted with said second public encryption key stored in said memory 
unit with said second private decryption key. 

6. (Amended) The data distribution system according to claim 1, 
wherein 

20 said third decryption processing unit receives the output of said 

second decryption processing unit, and decrypts said license key encrypted 
with said second public encryption key with said second private decryption 
key, and 

said memory unit receives the output of said third decryption 
25 processing unit, and stores said license key. 

7. (Amended) A data supply device for supplying at least a license 
key for decrypting encrypted content data between said license key and 
said encrypted content data to each of a plurality of user terminals 

30 provided with a data storing unit capable of storing at least said license key, 
comprising: 

an interface unit (350) for externally transmitting data; 

a session key generating unit (314) for producing a first symmetric 
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key to be updated in response to every transmission of said license key; 

a session key encryption processing unit (316) for encrypting said 
first symmetric key with a first public encryption key predetermined 
corresponding to said data storing unit of said user terminal, and applying 
the encrypted first symmetric key to said interface unit; 

a session key decrypting unit (3 18) for decrypting and extracting a 
second symmetric key and a second public encryption key returned after 
being encrypted with said first symmetric key; 

a first license data encryption processing unit (320) for encrypting 
said license key for decrypting said encrypted content data with said second 
public encryption key decrypted by said session key decrypting unit; and 

a second license encryption processing unit (322) for further 
encrypting the output of said first license data encryption processing unit 
with said second symmetric key, and applying the encrypted output to said 
interface unit for supply to each of said terminals. 

8. (Amended) The data supply device according to claim 7, wherein 
said first public encryption key is applied from said terminal via said 

interface unit, and 

said session key encryption processing unit encrypts said first 
symmetric key with said applied first public encryption key. 

9. (Amended) The data supply device according to claim 7, wherein 
said data supply device further includes: 

an authentication key holding unit for holding an authentication key, 
an authentication decryption processing unit (326) for decrypting 
and extracting authentication data being decodable with said 
authentication key, obtained from said terminal via said interface unit and 
predetermined for said data storing unit of said terminal, and 

a control unit (312) for performing authentication processing based 
on said authentication data extracted by said authentication decryption 
processing unit, and determining whether at least the license key is to be 
supplied to the terminal providing said obtained authentication data or not. 
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10. (Amended) The data supply device according to claim 9, 
wherein 

said first public encryption key is obtained from each of said 
terminals via said interface unit after being encrypted together with said 
authentication data into a form decodable with said authentication key, 
and 

said authentication data decryption processing unit decrypts with 
said authentication key said authentication data and said first public 
encryption key obtained via said interface unit and encrypted into a form 
decodable with said authentication key, extracts said authentication data 
and said first public encryption key, and outputs said extracted 
authentication data and said extracted first public encryption key to said 
control unit and said session key encryption processing unit, respectively. 

11. (Amended) The data supply device according to claim 7, 
wherein 

said data supply device includes: 

an encryption key holding unit for holding a terminal common 
encryption key for performing encryption allowing decryption in each of 
said terminals, and 

a third license encryption processing unit for encrypting said license 
key with said terminal common encryption key held in said encryption key 
holding unit, and outputting the encrypted license key to said first license 
encryption processing unit. 

12. (Amended) A data supply device for supplying at least a license 
key for decrypting encrypted content data between said license key and 
said encrypted content data to a plurality of recording devices, comprising: 

an interface unit (350) for transmitting data to and from said 
recording device; 

a connecting unit (2010, 2030) for connecting said interface unit and 
said recording device for supply of the data; 
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a first session key generating unit (314) for producing a first 
symmetric key to be updated in response to every supply of said license key; 

a session key encryption processing unit (316) for encrypting said 
first symmetric key with a first public encryption key predetermined 
corresponding to said recording device, and applying the encrypted first 
symmetric key to said interface unit; 

a session key decrypting unit (318) for decrypting and extracting a 
second symmetric key and a second public encryption key applied from the 
recording device connected to said connecting unit after being encrypted 
with said first symmetric key; 

a first license data encryption processing unit (320) for encrypting 
said license key for decrypting said encrypted content data with said second 
public encryption key decrypted by said session key decrypting unit; and 

a second license encryption processing unit (322) for further 
encrypting the output of said first license data encryption processing unit 
with said second symmetric key, and applying the encrypted output to said 
interface unit for supply to said recording device connected to the 
connecting unit. 

13. (Amended) The data supply device according to claim 12, 
wherein 

each of said recording devices is a memory card, and 

said recording device can be directly connected to said memory card. 

14. (Amended) The data supply device according to claim 12, 
wherein 

said first public encryption key is applied from each of said recording 
devices via said interface unit, and 

said session key encryption processing unit encrypts said first 
symmetric key with said applied first public encryption key. 

15. (Amended) The data supply device according to claim 12, 
further comprising: 
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an authentication decryption processing unit (326) for decrypting 
and extracting authentication data being decodable with an authentication 
key, and obtained from said recording device via said interface unit, and 

a control unit (312) for performing authentication processing based 
5 on said authentication data extracted by said authentication decryption 
processing unit, and determining whether at least the license key is to be 
output to said recording device or not. 

16. (Amended) The data supply device according to claim 15, 
10 wherein 

said first public encryption key is obtained from said recording 
devices via said interface unit after being encrypted together with said 
authentication data into a form decodable with said authentication key, 
and 

15 said authentication data decryption processing unit decrypts with 

said authentication key said authentication data and said first public 
encryption key obtained via said interface unit and encrypted into a form 
decodable with said authentication key, extracts said authentication data 
and said first public encryption key, and outputs said extracted 

20 authentication data and said extracted first public encryption key to said 
control unit and said session key encryption processing unit, respectively. 

17. (Amended) The data supply device according to claim 10, 
wherein 

25 said data supply device includes: 

an encryption key holding unit (330) attached to said recording 
device for obtaining said license key and said encrypted content data stored 
in said recording device, and holding a terminal common encryption key for 
performing encryption allowing decryption by a plurality of terminals 
30 decrypting said encrypted content data to obtain the content data, and 

a third license encryption processing unit (332) for encrypting said 
license key based on said terminal common encryption key held in said 
encryption key holding unit, and outputting the encrypted license key to 
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said first license encryption processing unit. 

18. (Amended) The data supply device according to claim 12, 
wherein 

5 said recording device includes means for changing the number of 

terminals connected to said interface unit for externally receiving the data, 
and performing switching between a serial mode for performing data 
communication on a bit-by-bit basis and a parallel mode for performing 
data communication by multiple bits at a time; 
10 said data supply device supplies said encrypted content data 

together with said license key to said recording device via said interface 
unit; and 

said interface unit instructs the parallel mode to said recording 
device when at least said encrypted content data is to be input to said 
15 recording device. 

19. (Amended) A terminal device for receiving at least a license key 
for decrypting encrypted content data between said license key and said 
encrypted content data distributed from a data supply device, comprising: 

20 a first interface unit for externally transmitting data; and 

a data storing unit (140) for receiving and storing said license key, 
wherein 

said data storing unit includes: 

a first key holding unit (1402) for holding a first private decryption 
25 key for decrypting the data encrypted with a first public encryption key, 

a first decryption processing unit (1404) for receiving and decrypting 
a first symmetric key encrypted with said first public encryption key and 
externally input, 

a second key holding unit (1405) for holding a second public 
30 encryption key unique to said data storing unit, 

a second session key generating unit (1432) for producing a second 
symmetric key, 

a first encryption processing unit (1406) for encrypting said second 
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public encryption key and said second symmetric key based on said first 
symmetric key, and outputting the encrypted keys to said first interface 
unit, 

a second decryption processing unit (1410) for receiving the license 
5 key encrypted with said second public encryption key and further 

encrypted with said second symmetric key, and decrypting the received 
license key based on said second symmetric key, 

a third key holding unit (1415) for holding a second private 
decryption key used for decrypting the data encrypted with said second 
10 public encryption key and being unique to said data storing unit, 

a memory unit (1412) for receiving the output of said second 
decryption processing unit, and storing said license key encrypted with said 
second public encryption key, and 

a third decryption processing unit (1416) for receiving the license key 
15 encrypted with said second public encryption key stored in said memory 
unit, and decrypting the received license key with said second private 
decryption key. 

20. (Amended) The terminal device according to claim 19, wherein 
20 said data storing unit is a recording device releasably attached to 

said terminal device. 

21. (Amended) The terminal device according to claim 19, wherein 
said data storing unit further includes a fourth key holding unit 

25 (1401) holding said first public encryption key and being capable of 
externally outputting said first public encryption key. 

22. (Amended) The terminal device according to claim 19, wherein 
said data storing unit further includes a first data holding unit 

30 (1442) for encrypting and holding said first public encryption key and first 
authentication data unique to said data storing unit and determined 
uniquely to said first public encryption key in a form allowing decryption 
with a predetermined authentication key. 
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23. (Amended) The terminal device according to claim 19, wherein 

said terminal device further includes a content reproducing unit; 

said content reproducing unit includes: 
5 a fifth key holding unit (1520) for holding a third private decryption 

key used for decrypting the data encrypted with a third public encryption 
key unique to said content reproducing unit, 

a fourth decryption processing unit (1522) for decrypting and 
extracting said second symmetric key encrypted with said third public 
10 encryption key in said data storing unit, 

a third session key generating unit (1502) for producing a third 
symmetric key, 

a second encryption processing unit (1504) for encrypting said third 
symmetric key based on said second symmetric key decrypted and extracted 
15 by said fourth decryption processing unit, and outputting the encrypted 
third symmetric key, 

a fifth decryption processing unit (1506) for decrypting and 
extracting the license key encrypted with said third symmetric key in said 
data storing unit, and 
20 a data reproducing unit (1508) for decrypting the encrypted content 

data recorded in said recording unit with said extracted license key to 
reproduce the content data; 

said data storing unit further includes a third encryption processing 
unit (1430) for encrypting said second symmetric key produced by said 
25 second session key generating unit based on said third public encryption 
key; 

said second decryption processing unit (1410) further receives said 
third symmetric key encrypted with said second symmetric key in said 
content reproducing unit, and decrypts said encrypted third symmetric key 
30 based on said second symmetric key to extract said third symmetric key; 

said third decryption processing unit decrypts said license key 
encrypted with said second public encryption key stored in said memory 
unit based on said second private decryption key, and extracts said license 
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key; and 

said first encryption processing unit further encrypts said license key 
extracted by said third decryption processing unit based on said third 
symmetric key extracted by said second decryption processing unit, and 
applies the encrypted license key to said content reproducing unit. 

24. (Amended) The terminal device according to claim 23, wherein 
said content reproducing unit further includes a sixth key holding 

unit (1524) for holding said third public encryption key, and being capable 
of externally outputting said third public encryption key. 

25. (Amended) The terminal device according to claim 23, wherein 
said content reproducing unit includes a second data holding unit 

(1525) for encrypting and holding said third public encryption key and 
second authentication data being unique to said data storing unit and 
determined uniquely with respect to the third public encryption key such 
that said third public encryption key and said second authentication data 
can be decrypted with a predetermined authentication key; 
said data storing unit further includes: 

an authentication key holding unit for holding said authentication 

key, 

an authentication data decryption processing unit for decrypting said 
second authentication data applied from said data storing unit based on 
said authentication key to extract said third public encryption key and said 
first authentication data, and 

a control unit (1420) for performing authentication based on said 
second authentication data, and determining whether at least the license 
key is to be output to said content reproducing unit or not; and 

said authentication data decryption processing unit applies said 
extracted third public encryption key and said extracted second 
authentication data to said third encryption processing unit and said 
control unit, respectively. 
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26. (Amended) The terminal device according to claim 23, wherein 
said license key is stored in the memory unit after being encrypted 

into a form allowing decryption with a terminal common decryption key 

common to said plurality of terminals; 

said content reproducing unit further includes: 

a decryption key holding unit for holding said terminal common 

decryption key, and 

a sixth decryption processing unit for decrypting the output of said 

fifth decryption processing unit based on said terminal common decryption 

key to extract said license key. 

27. (Amended) The terminal device according to claim 19, wherein 
said data storing unit further includes: 

a third encryption processing unit (1430) for encrypting said second 
symmetric key with said first public encryption key of a different data 
storing unit in accordance with a transfer processing for transferring at 
least said license key to said different data storing unit, and 

a fourth encryption processing unit (1414) for performing the 
encrypting processing with the second public encryption key of said 
different data storing unit; 

said second session key generating unit generates said second 
symmetric key in accordance with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth 
symmetric key applied from said different data storing unit after being 
encrypted with said second symmetric key and the second public encryption 
key of said different data storing unit in accordance with said transfer 
processing; 

said third decryption processing unit decrypts the data encrypted 
with said second public encryption key stored in said memory unit based on 
said second private decryption key in accordance with said transfer 
processing to extract said license key; 

said fourth encryption processing unit encrypts said extracted license 
key based on the second public encryption key of said different data storing 
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unit in accordance with said transfer processing; and 

said first encryption processing unit encrypts the output of said 
fourth encryption processing unit with said extracted fourth symmetric key, 
and outputs the encrypted output to said different data storing unit in 
accordance with said transfer processing. 

28. (Amended) The terminal device according to claim 21, wherein 
said data storing unit further includes: 

a third encryption processing unit (1430) for encrypting said second 
symmetric key with said first public encryption key applied from a different 
data storing unit in accordance with a transfer processing for transferring 
at least said license key to said different data storing unit, and 

a fourth encryption processing unit (1414) for performing the 
encrypting processing with the second public encryption key of said 
different data storing unit; 

said second session key generating unit generates said second 
symmetric key in accordance with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth 
symmetric key applied from said different data storing unit after being 
encrypted with said second symmetric key and the second public encryption 
key of said different data storing unit in accordance with said transfer 
processing; 

said third decryption processing unit decrypts the data encrypted 
with said second public encryption key stored in said memory unit based on 
said second private decryption key in accordance with said transfer 
processing to extract said license key; 

said fourth encryption processing unit encrypts said extracted license 
key based on the second public encryption key of said different data storing 
unit in accordance with said transfer processing; and 

said first encryption processing unit encrypts the output of said 
fourth encryption processing unit with said extracted fourth symmetric key, 
and outputs the encrypted output to said different data storing unit in 
accordance with said transfer processing. 
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29. (Amended) The terminal device according to claim 20, wherein 
said data storing unit further includes: 

an authentication key holding unit for holding said authentication 

key, 

an authentication data decryption processing unit for decrypting said 
first authentication data applied from a different data storing unit based on 
said authentication key to extract said first public encryption key and said 
first authentication data in accordance with transfer processing for 
transferring at least said license key to said different data storing unit, 

a control unit (1420) for performing authentication based on said 
first authentication data and in accordance with said transfer processing, 
and determining whether at least the license key is to be output to said 
different data storing unit or not, 

a third encryption processing unit (1430) for encrypting said second 
symmetric key with said first public encryption key output from said 
different data storing unit in accordance with said transfer processing, and 

a fourth encryption processing unit (1414) for performing the 
encrypting processing with the second public encryption key of said 
different data storing unit; 

said second session key generating unit generates said second 
symmetric key in accordance with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth 
symmetric key applied from said different data storing unit after being 
encrypted with said second symmetric key and the second public encryption 
key of said different data storing unit in accordance with said transfer 
processing; 

said third decryption processing unit decrypts the data encrypted 
with said second public encryption key stored in said memory unit based on 
said second private decryption key in accordance with said transfer 
processing to extract said license key; 

said fourth encryption processing unit encrypts said extracted license 
key based on the second public encryption key of said different data storing 
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unit in accordance with said transfer processing; and 

said first encryption processing unit encrypts the output of said 
fourth encryption processing unit with said extracted fourth symmetric key, 
and outputs the encrypted output to said different data storing unit in 
5 accordance with said transfer processing. 

30. (Amended) A terminal device for receiving at least a license key 
for decrypting encrypted content data between said license key and said 
encrypted content data distributed from a data supply device, comprising: 
10 a first interface unit for externally transmitting data; and 

a data storing unit (140) for receiving and storing said license key, 
wherein 

said data storing unit includes: 

a first key holding unit (1402) for holding a first private decryption 
15 key for decrypting the data encrypted with a first public encryption key, 

a first decryption processing unit (1404) for receiving and decrypting 
a first symmetric key encrypted with said first public encryption key and 
externally input, 

a second key holding unit (1405) for holding a second public 
20 encryption key unique to said data storing unit, 

a second session key generating unit (1432) for producing a second 
symmetric key, 

a first encryption processing unit (1406) for encrypting said second 
public encryption key and said second symmetric key based on said first 
25 symmetric key, and outputting the encrypted keys to said first interface 
unit, 

a second decryption processing unit (1410) for receiving the license 
key encrypted with said second public encryption key and further 
encrypted with said second symmetric key, and decrypting the received 
30 license key based on said second symmetric key, 

a third key holding unit (1415) for holding a second private 
decryption key used for decrypting the data encrypted with said second 
public encryption key and being unique to said data storing unit, 
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a third decryption processing unit (1416) for receiving said license 
key encrypted with said second public encryption key, and decrypting the 
received license key with said second private decryption key, and 

a memory unit (1412) for receiving the output of said third 
decryption processing unit, and storing said license key. 

31. (Amended) The terminal device according to claim 30, wherein 
said data storing unit is a recording device releasably attached to 

said terminal device. 

32. (Amended) The terminal device according to claim 30, wherein 
said data storing unit further includes a fourth key holding unit 

(1401) holding said first public encryption key and being capable of 
externally outputting said first public encryption key. 

33. (Amended) The terminal device according to claim 30, wherein 
said data storing unit further includes a first data holding unit 

(1442) for encrypting and holding said first public encryption key and first 
authentication data unique to said data storing unit and determined 
uniquely to said first public encryption key in a form allowing decryption 
with a predetermined authentication key. 

34. (Added) The terminal device according to claim 21, wherein 
said terminal device further includes a content reproducing unit; 
said content reproducing unit includes: 

a fifth key holding unit (1520) for holding a third private decryption 
key used for decrypting the data encrypted with a third public encryption 
key predetermined for said content reproducing unit, 

a fourth decryption processing unit (1522) for decrypting and 
extracting said second symmetric key encrypted with said third public 
encryption key in said data storing unit, 

a third session key generating unit (1502) for producing a third 
symmetric key, 
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a second encryption processing unit (1504) for encrypting said third 
symmetric key based on said second symmetric key decrypted and extracted 
by said fourth decryption processing unit, and outputting the encrypted 
third symmetric key, 

a fifth decryption processing unit (1506) for decrypting and 
extracting the license key encrypted with said third symmetric key in said 
data storing unit, and 

a data reproducing unit (1508) for decrypting the encrypted content 
data recorded in said recording unit with said extracted license key to 
reproduce the content data; 

said data storing unit further includes a third encryption processing 
unit (1430) for encrypting said second symmetric key produced by said 
second session key generating unit based on said third public encryption 
key; 

said second decryption processing unit (1410) further receives said 
third symmetric key encrypted with said second symmetric key in said 
content reproducing unit, and decrypts said encrypted third symmetric key 
based on said second symmetric key to extract said third symmetric key; 
and 

said first encryption processing unit further encrypts said license key 
stored in said memory unit based on said third symmetric key extracted by 
said second decryption processing unit, and applies the encrypted license 
key to said content reproducing unit. 

35. (Added) The terminal device according to claim 34, wherein 
said content reproducing unit further includes a sixth key holding 

unit (1524) for holding said third public encryption key, and being capable 
of externally outputting said third public encryption key. 

36. (Added) The terminal device according to claim 34, wherein 
said content reproducing unit includes a second data holding unit 

(1525) for encrypting and holding said third public encryption key and 
second authentication data being unique to said data storing unit and 
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determined uniquely with respect to the third public encryption key such 
that said third public encryption key and said second authentication data, 
can be decrypted with a predetermined authentication key; 
said data storing unit further includes: 
5 an authentication key holding unit for holding said authentication 

key, 

an authentication data decryption processing unit for decrypting said 
second authentication data applied from said data storing unit based on 
said authentication key to extract said third public encryption key and said 
10 first authentication data, and 

a control unit (1420) for performing authentication based on said 
second authentication data, and determining whether at least the license 
key is to be output to said content reproducing unit or not; and 

said authentication data decryption processing unit applies said 
15 extracted third public encryption key and said extracted second 

authentication data to said third encryption processing unit and said 
control unit, respectively. 

37. (Added) The terminal device according to claim 34, wherein 
20 said license key is stored in the memory unit after being encrypted 

into a form allowing decryption with a terminal common decryption key 
common to said plurality of terminals; 

said content reproducing unit further includes: 

a decryption key holding unit for holding said terminal common 
25 decryption key, and 

a sixth decryption processing unit for decrypting the output of said 
fifth decryption processing unit based on said terminal common decryption 
key to extract said license key. 

30 38. (Added) The terminal device according to claim 30, wherein 

said data storing unit further includes: 

a third encryption processing unit (1430) for encrypting said second 
symmetric key with said first public encryption key of a different data 
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storing unit in accordance with a transfer processing for transferring at 
least said license key to said different data storing unit, and 

a fourth encryption processing unit (1414) for performing the 
encrypting processing with the second public encryption key of said 
5 different data storing unit; 

said second session key generating unit generates said second 
symmetric key in accordance with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth 
symmetric key applied from said different data storing unit after being 
10 encrypted with said second symmetric key and the second public encryption 
key of said different data storing unit in accordance with said transfer 
processing; 

said fourth encryption processing unit encrypts said extracted license 
key stored in said memory unit based on the second public encryption key 
15 of said different data storing unit in accordance with said transfer 
processing; and 

said first encryption processing unit encrypts the output of said 
fourth encryption processing unit with said extracted fourth symmetric key, 
and outputs the encrypted output to said different data storing unit in 
20 accordance with said transfer processing. 



39. (Added) The terminal device according to claim 38, wherein 
said data storing unit further includes a fourth key holding unit 

(1401) holding said first public encryption key and being capable of 
25 externally outputting said first public encryption key, and 

said third encryption processing unit performs encryption based on 

said first public encryption key applied from said different data storing unit 

in accordance with said transfer processing. 



30 40. (Added) The terminal device according to claim 32, wherein 

said data storing unit further includes: 

a third encryption processing unit (1430) for encrypting said second 
symmetric key with said first public encryption key output from a different 
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data storing unit in accordance with a transfer processing for transferring 
at least said license key to said different data storing unit, and 

a fourth encryption processing unit (1414) for performing the 
encrypting processing with the second public encryption key of said 
different data storing unit; 

said second session key generating unit generates said second 
symmetric key in accordance with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth 
symmetric key applied from said different data storing unit after being 
encrypted with said second symmetric key and the second public encryption 
key of said different data storing unit in accordance with said transfer 
processing; 

said third decryption processing unit decrypts the data encrypted 
with said second public encryption key stored in said memory unit based on 
said second private decryption key in accordance with said transfer 
processing to extract said license key; 

said fourth encryption processing unit encrypts said extracted license 
key based on the second public encryption key of said different data storing 
unit in accordance with said transfer processing; and 

said first encryption processing unit encrypts the output of said 
fourth encryption processing unit with said extracted fourth symmetric key, 
and outputs the encrypted output to said different data storing unit in 
accordance with said transfer processing. 

41. (Added) The terminal device according to claim 33, wherein 
said data storing unit further includes: 

an authentication key holding unit for holding said authentication 

key, 

an authentication data decryption processing unit for decrypting said 
first authentication data applied from a different data storing unit based on 
said authentication key to extract said first public encryption key and said 
first authentication data in accordance with transfer processing for 
transferring at least said license key to said different data storing unit, 
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a control unit (1420) for performing authentication based on said 
first authentication data and in accordance with said transfer processing, 
and determining whether at least the license key is to be output to said 
different data storing unit or not, 

a third encryption processing unit (1430) for encrypting said second 
symmetric key with said first public encryption key output from said 
different data storing unit in accordance with said transfer processing, and 

a fourth encryption processing unit (1414) for performing the 
encrypting processing with the second public encryption key of said 
different data storing unit; 

said second session key generating unit generates said second 
symmetric key in accordance with said transfer processing; 

said second decryption processing unit decrypts and extracts a fourth 
symmetric key applied from said different data storing unit after being 
encrypted with said second symmetric key and the second public encryption 
key of said different data storing unit in accordance with said transfer 
processing; 

said third decryption processing unit decrypts the data encrypted 
with said second public encryption key stored in said memory unit based on 
said second private decryption key in accordance with said transfer 
processing to extract said license key; 

said fourth encryption processing unit encrypts said extracted license 
key based on the second public encryption key of said different data storing 
unit in accordance with said transfer processing; and 

said first encryption processing unit encrypts the output of said 
fourth encryption processing unit with said extracted fourth symmetric key, 
and outputs the encrypted output to said different data storing unit in 
accordance with said transfer processing. 

42. (Added) A terminal device for receiving at least a license key for 
decrypting encrypted content data between said license key and said 
encrypted content data distributed from a data supply device, comprising: 

a first interface unit for transmitting data to and from said data 
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supply device; 

a content reproducing unit; and 

a second interface unit for connection to a data storing unit 
releasably attached to said terminal device, wherein 
5 said content reproducing unit includes: 

a fourth key holding unit (1520) for holding a third private 
decryption key used for decrypting the data encrypted with a third public 
encryption key, 

a fourth decryption processing unit (1522) for decrypting and 
10 extracting said second symmetric key encrypted with said third public 
encryption key in said data storing unit, 

a third session key generating unit (1502) for producing a third 
symmetric key, 

a second encryption processing unit (1504) for encrypting said third 
15 symmetric key based on said second symmetric key decrypted and extracted 
by said fourth decryption processing unit, and outputting the encrypted 
third symmetric key, 

a fifth decryption processing unit (1506) for decrypting and 
extracting the license key encrypted with said third symmetric key in said 
20 data storing unit, and 

a data reproducing unit (1508) for decrypting the encrypted content 
data recorded in said recording unit with the extracted license key to 
reproduce the content data. 



25 43. (Added)The terminal device according to claim 42, further 

comprising: 

a data holding unit (1525) for holding second authentication data 
and said third public encryption key in a form allowing decryption with an 
authentication key for external output. 

30 

44. (Amended) A recording device for storing an encrypted content 
data and a license key for decrypting said encrypted content data, 
comprising: 
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an interface unit for externally transmitting data; 
/ a memory unit (1412) for recording the data; and * 

a parallel data bus (BS3) having a width of m bits (m is a natural 
number larger than 1 (m > 1)), and transmitting the data between said 
5 interface unit and said recording unit, wherein 
said interface unit includes: 
a plurality of terminals (1462.0 - 1462.3), 

selecting means for selecting a predetermined terminal(s) of one or n 
in number (n is a natural satisfying (1 < n < m)) as a terminal(s) for 
10 externally receiving data in accordance with a switching instruction for a 
bit width of the externally applied input data, 

first converting means for operating in accordance with said 
switching instruction to convert serial data externally applied via said 
selected one terminal or parallel data of an n-bit width externally applied 
15 via said n terminals into parallel data of an m-bit width, and supply the 
converted parallel data to said parallel data bus, and 

second converting means for converting the parallel data of the m-bit 
width applied from said parallel data bus into serial data, and externally 
outputting the converted serial data via predetermined one terminal among 
20 said plurality of terminals; 

a first key holding unit (1402) for holding a first private decryption 
key for decrypting data encrypted with a first public encryption key; 

a first decryption processing unit (1404) for receiving a first 
symmetric key encrypted with said first public encryption key, and 
25 decrypting the received first symmetric key based on said first private 
decryption key; 

a second key holding unit (1405) for holding a second public 
encryption key; 

a session key generating unit (1432) for producing a second 
30 symmetric key; 

a first encryption processing unit (1406) for encrypting said second 
public encryption key and said second symmetric key based on said first 
symmetric key, and outputting the encrypted keys to said interface unit via 



- 86/9 - 



Translation of Annexes to IPER 
(SUBSTITUTE SHEETS) 

said parallel data bus; 

a second encryption processing unit (1410) for receiving a license key- 
encrypted with said second public encryption key, and further encrypted 
with said second symmetric key, and decrypting the received license key 
based on said second symmetric key; 

a third key holding unit (1415) for holding a second private 
decryption key set uniquely to said recording device for decrypting the data 
encrypted with said second public encryption key; and 

a third decryption processing unit (1416) for receiving the license key 
encrypted with said second public encryption key, and decrypting the 
received license key based on said second private decryption key to extract 
said license key, wherein 

said recording unit stores said encrypted content data and said 
license key. 

45. (Amended) The recording device according to claim 44, further 
comprising: 

an authentication data holding unit (1442) for holding an 
authentication data prepared by encrypting said first public encryption key 
and a certificate data corresponding to said first public encryption key in a 
form allowing external decryption with an authentication key for external 
output. 

46. (Deleted) 
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ABSTRACT 



A memory card 110 performs decryption processing to extract a 
session key Ks from data applied from a server to a data bus BS3 over a 
cellular phone network. An encryption processing unit 1406 encrypts 
public encryption key KPcard(l) of memory card 110 based on session key 
Ks, and applies the same to the server via data bus BS3. A register 1500 
receives and stores data such as decrypted license ID and user ID from the 
server, and a memory 1412 receives and stores encrypted content data 
[Dc]Kc applied from data bus BS3 and encrypted with a license key Kc. 



- 87- 



JL O O S «3 Jf . :t E! .TO. 1OT H 



1 



CM 
CO 




CSJ 



CM 
O 



DODO 
ODOD 
ODOD 



< 
o 

CL 











✓ — 


> 









o 

7 



o 
o 

X 



□□□□ 
□□□□ 
□□□□ 



ERISTICS 


A SECRET KEY UNIQUE TO TYPE OF MEMORY CARD. 


A SECRET KEY UNIQUE TO MEMORY CARD. 


CORRESPONDED TO Kcard(n). 

Kcard(n) CAN DECRYPT DATA ENCRYPTED WITH KPcard(n). 


CORRESPONDED TO Kmedia. 

Kmedia CAN DECRYPT DATA ENCRYPTED WITH KPmedia. 


GENERATED FOR EVERY COMMUNICATION (E.G., ACCESS). 
ADMINISTRATED BY DISTRIBUTION SERVER AND 
CELLULAR PHONE. 


DECRYPTION KEY OF ENCRYPTED CONTENT DATA. 


EX. TUNE TITLE INFORMATION, INFORMATION 
FOR REPRODUCTION TIME RESTRICTION 


EX. PHONE NUMBER 


EX. MUSIC 


CONTENT DATA ENCRYPTED WITH SYMMETRIC KEY Kc. 


CHARACT 


UNIQUE TO 
MEDIUM 






UNIQUE TO 
MEDIUM 


UNIQUE TO 
SESSION 


LICENSE KEY 






























cr 






ATTRIBUTE 


PRIVATE 

DECRYPTION KEY 


PRIVATE 

DECRYPTION KEY 


PUBLIC 

ENCRYPTION KEY 


PUBLIC 

ENCRYPTION KEY 


SYMMETRIC KEY 




SYMMETRIC KEY 


INFORMATION FOR 
REPRODUCTION 


INFORMATION FOR 
IDENTIFYING RECEIVE 


CONTENT DATA 


ENCRYPTED 
CONTENT DATA 


REFERENCE 


Kmedia(n) 


Kcard(n) 


KPcard(n) 


KPmedia(n) 




o 


License-ID 


User-ID 


o 
Q 


[Dc]Kc 




ADMINISTRATION 
KEY INSIDE 
MEMORY CARD 


ADMINISTRATION 
KEY OUTSIDE 
MEMORY CARD 


DISTRIBUTED 
DATA 



10/069112 




.riOOi&'Qi.i.rie m £Q. 




FIG.6 

DISTRIBUTION (SERVER30) 



(CELLULAR PHONE(USERD) I 

i 

sioo 



(CARDIIO) 




PRODUCE SESSION KEY Ks BY 
DISTRIBUTION SERVER 
ENCRYPT KEY Ks WITH KEY KPmedia(l) 
PRODUCE DATA [Ks]Kmedia(1) 



z 



SEND [Ks]Kmedia(D FROM 
DISTRIBUTION SERVER 



S110 



RECEIVE [KPcard(1)]Ks BY 
DISTRIBUTION SERVER 

i 



DECRYPT AND EXTRACT KEY 
KPcard(1)WITH KEY Ks 



RECEIVE [Ks]Kmedia(1) 
BY CELLULAR PHONE 



S112 



SEND [KPcard(1)]Ks FROM 
CELLULAR PHONE TO 
DISTRIBUTION SERVER 



SI 20 



PRODUCE LICENSE INFORMATION 
License BY SERVER 



S122 



SI 24 



S126 



OBTAIN AND SEND [Dc]Kc FROM 
DISTRIBUTION INFORMATION DATABASE 



S128 



TO S134 



RECEIVE DATA [Dc]Kc BY 
CELLULAR PHONE 



S130 



1 



ENCRYPT AND EXTRACT KEY Ks 
WITH KEYKmedia(l) 

i 



ENCRYPT PUBLIC ENCRYPTION 
KEY KPcard(l) WITH KEY Ks 



PRODUCE [KPcard(1)]Ks 
1 



S114 

S116 
S118 



± 



STORE DATA [Dc]Kc IN MEMORY SI 32 



rO S154 



1006111 



12 



CO 



Q 

tr 
< 
o 



CD 

co 



00 

T— 

CO 



03 
O 

IP 

^ CO 

^3 

I — I 

CD CD 

CO CO 

C C 

CD CD 

o o 



>- IXI 

cr cr 
o o 
lu h- 

Q CO 



CD 



cr 

LU 

CO 



o 
x 

Q_ 

cr 



LU 

o 



CO 



co 

CO 

.CO 



CO 
CO 

CO.. 



CO 



<d -r 
O 



LU 



O 



o o 
lu cr 
cr u. 



o 

CO 

cr 

LU 
> 

cr 

LU 

CO 



CM 
CO 

CO 



O 

cr 
u_ 



CO 

o 
To 



o 
cr 



LU 
CO 

< 

CO 

< 

< 
so 

o -z. 
Eg 

i* 

>- cr 
So 

^ Ll_ 
LU Z 
CO — 

LU O 

Or 
zffi 

m £2 
o Q 



< 
< 



> o 

LU Q_ 

CL LU 

>- ^ 

cr x 



03 
O 

CO 

c 
cd 
o 



o 
CO 



a 

>- CO 

Lr * 
o>- 

21 LU 
LU ^ 



CM 
CO 



O 

LO 



CO. 



o 
co 



LU 

O 

< 
I- 

CL 
LU 
O 

g LU 

H 

CO 3 

offi 

2: co 

LU 3 

o Q 

LU >- 

cr cd 



CM 

10 

. 55. 



LU 
CO 

< 

CO 

< 
< 

o 



ZD 

o 
o 
o 
< 



a 
cr 
o 
o 

LU 

cr 



CO 



a 



.100691 ,:£,£ 



3 



Mad 12 



FIG.8 

REPRODUCTION (CELLULAR PHONE(USERI) J 
WITH REGISTER ' — 




RECEIVE KEY KPmediaCO 



PRODUCE Ks BY CELLULAR PHONE 
ENCRYPT Ks WITH KEY KPmedia(l) 
TO PRODUCE [Ks]Kmedia(D 
1 = 



S206 



S208 



DECRYPT DATA [Kc]Ks WITH 
KEY Ks, AND ACCEPT KEY Kc 



S224 



DECRYPT DATA [Dc]Kc WITH KEY Kc, 
AND PRODUCE PLAINTEXT MUSIC DATA 



REPRODUCE MUSIC FROM 
PLAINTEXT MUSIC DATA 



S230 



( END ) S232 



(carpi 10) 



DECRYPT [Ks]Kmedia(D WITH KEY 
KmediaO), ACCEPT Ks 



READ [Kc,License]Kcard(D FROM 
MEMORY, AND DECRYPT WITH Kcard(l) 




S210 



S212 



EXTRACT KEY Kc 



CHANGE DATA License IN REGISTER 



S216 



S218 



ENCRYPT LICENSE KEY Kc WITH KEY Ks S220 



OUTPUT [Kc]Ks 



READ AND OUTPUT DATA [Dc]Kc FROM 
MEMORY 



S222 



S226 



S228 



is:3!a69iiE 



www 





S3 



o 
or 



Q 

cc 

<C 

o 



a: 

3 



a O 
<u -r 

■3 s - 
^.3 



o ^ 

LU >- 

cc m 



O 
O 
< 



1 — « 



JC CO 



t/> I 

o 1— 

□E 

o o 



CM 

LU 

2 _ g 
O LU $ 

cc cc ^ 5= 

Lu lj- o 
u- lu cc 

LU O LU O 
W < O I — 



r- cc 



i — u*_ — - 

b: Li. o °- 



=> ^ <; 

Q LU 



m cc 

Q. 3 



_ o 

LU O 

00 <c 



LU O 
O h- 



Q_ 
CC 

3 
=! 

LU 

o 



co 

CO 



00 

CO 

co 



£0 




^ CM 




LU 




« O 




^ a. 


LU 


Sec 




S3 


O 

m 


53 


CL 


0" — 1 


cc 


£ LU 


3 

_l 


z 0 


_J 


LU CC 




00 LL 



LU 

UJ O 
Lt_ 

GO Q_ 



C5 ^ 
LU >- 



1 



CO 
CO 
CO 



O 

P Csl 
< . LU 
O ^ z 

cl LU m 

^ □_ — 3 
LU LU ZJ 
O O _4 
LU O LU 
CC < O 



Q 

< 
O 



CM 

co 
co 
CO 



o 
cc 



CSJ 

k_ 

nj 
O 

>- 
LU 



CO 

O 

CO 
CO 



O 
CC 



o 

Q 

<c 

o 



CL 

o 



CO 
O 
LU 
CC 

CC 

o 



< 



CO 
CO 



>- £ 

LU JO 

r~ co 
c: 



<2 

gel 

LU 
Q O 

^ =3 
<t Q 
O O 
^ CC 

>-°- 

LU O 

1— ^ 
a. ^ 

>- -o 
O o 

2 CL 
LU ^ 



< < 
So 

u- LU 

-I 

CC Q 
O O 
Z CC 
LU Q- 



O 



co 

CO 

CO 




;i O Ofi> 9 .1. .1. E 




CO 



CO 
CO 



O LU 



JL o □£» «9 ::L IS 



CM 

LO " 



CD 
O 
LO 



CM 





LO 


ONI 






— 3 










X 





< 




O 

I— 
CL 

O 

-z. 

LU 



O 
to 



CM 
CM 
LO 



Ks 

: RATION 


1502 




GENE 











TIO 








A 


9- Q- 




>- ^ 


< — 




ECR 




HOI 


Q 







o 

CM 
' LO 



CsJ 
O 




J.006.«J.l±a . £ 



112 




1 



FIG.14 



DISTRIBUTION (SERVER3l) 
INDEPENDENT Ks 



(CELLULAR PHONE(USERD) ; 



[CARD120] 



I DISTRIBUTION REQUEST 
i -r 




PRODUCE SESSION KEY Ks BY 
DISTRIBUTION SERVER 
ENCRYPT KEY Ks WITH KEY KPmedia(l) 
PRODUCE DATA [Ks]Kmedia(D 



SEND [Ks]Kmedia(1) FROM 
DISTRIBUTION SERVER 



I 



RECEIVE [KPcard(1),Ks1]Ks BY 
DISTRIBUTION SERVER 



DECRYPT AND EXTRACT KEYS 
KPcard(l) AND Ks1 WITH KEY Ks 



z 



PRODUCE LICENSE INFORMATION 
License BY SERVER 



SI 22 



S124 



SI 26 



OBTAIN AND SEND [Dc]Kc FROM 
DISTRIBUTION INFORMATION DATABASE 



SI 28 



TO SI 34 



RECEIVE [Ks]Kmedia(D 
BY CELLULAR PHONE1 



S112 



ENCRYPT AND EXTRACT KEY Ks 
WITH KEY Kmedia(l) 



ENCRYPT PUBUC ENCRYPTION KEY 
KPcard(l) AND KEY Ksl WITH KEY Ks 



SEND [KPcard(1),Ks1]Ks 
FROM CELLULAR PHONE 
TO DISTRIBUTION SERVER 



S120 



RECEIVE DATA [Dc]Kc 
BY CELLULAR PHONE 



SI 30 



PRODUCE [KPcard(1),Ks1]Ks 
3 



S114 



S116 



S118 



z 



STORE DATA [Dc]Kc IN MEMORY 



S132 



TOS154 



CO 



CO 



CO 



CO 



CL 
>- 

cr 

o 

LU 
Q 



(0 

o 

I I 

<D 
CO 

c 

CD 

o 



o 



< 
< 

Q 

81 

2 LU 

cr 2 



0) 
CO 

c 

cd 
o 



ca \— 
o < 

O LLI 

£cr 

<D O 
_J CO 



H- < I- 

cl-<£2 

cr -p lu 
o cr 

LU o — p 

o S 



cr 

LU 

<*> 



CL 

cr 

3 



O 



CO 

cr 

LU 

> 
cr 

LU 

CO 



CM 
CO 

CO 



o 
cr 



LO 



CO 

o 



CO 



CO 



CO 

< 

CO 

< 
< 

O z 
> cr 



CO ~ 

z 2: 

LU O 

Op 

m £2 
O Q 



CO 
CO 



oo 

CO 

.CO- 




CD 
CO 

c 

<D 

o 



< 
h- 
< 

Q 
Q 

<^ 
O no 

> O 
LU CL 

CL LU 

cr -r 









CO 












>- 

LU 
















CO 


X 










































1_ 




o 


CO 






o 




l ~CD 






CO 

c 


Id 




CD 


CO 




O 


c 

CD 




l_l 


O 






1J 






o" 






*z 




Q 


1- 






CL 




LU 


>- 






cr 






o 






EN 







o 
to 



CO 



o 



o 
< 

CL 
LU 

O 

<■ LU 
p LU 

-i 
-1 

CO 3 
Sffi 

> CO 
LU ^ 

LU >• 

cr m 



OJ 

LO 



00. 



LU 

CO 

< 

CO 

< 
I— 
< 

o 



o 
o 
o 
< 



Q 

cr 
o 
o 

LU 

cr 



LO 

CO 



Q 

LU 



O o 
« cr 



,:100i6 i gj.JiE! .d 



112 



FIG. 16 



REPRODUCTION [CELLUL AR PHONE(USERD) 
Ks INDEPENDENT " 



REPRODUCTION REQUEST 
' ~ 



S200 



£ 



SEND PUBLIC ENCRYPTION KEY KPp 



S242 



PRODUCE Ks BY CELLULAR PHONE S244 



DECRYPT AND EXTRACT KEY Ksl WITH KEY Kp 



S252 



ENCRYPT KEY Ks WITH KEY Ksl 
TO PRODUCE DATA [Ks]Ks1 



SEND DATA [Ks]Ks1 
1 



S254 



S256 



[ CARD 120 ) 



DETERMINE 
"DATA License IN REGISTER,' 
REPRODUCIBLE? , 

S202 



NOTIFY REPRODUCIBILITY 



S240 



PRODUCE SESSION KEY Ksl 



ENCRYPT Ks1 WITH KEY KPp 



PRODUCE AND SEND [Ks1]Kp 
=3 



S246 
S248 
S250 



1 



DECRYPT [Ks]Ks1 WITH KEY Ksl 
TO ACCEPT KEY Ks 



S258 



READ [Kc.License]Kcard(1) FROM 
MEMORY, AND DECRYPT WITH Kcard(1) 




S260 



S262 



EXTRACT KEY Kc 



CHANGE DATA License IN REGISTER 



ENCRYPT LICENSE KEY Kc WITH 
KEY Ks 

* 

TO S270 



S264 
S266 

S268 



TO S280 



FIG.17 



FROM S202 



( CELLULAR PHQNE(USERI) ) 



DECRYPT DATA [Kc]Ks WITH 
KEY Ks TO ACCEPT KEY Kc 


y 




f * 


DECRYPTS DATA [Dc]Kc 
WITH KEY Kc TO PRODUCE 
PLAINTEXT MUSIC DATA 



S272 



REPRODUCE MUSIC FROM 
PLAINTEXT MUSIC DATA 



S276 



S278 



END 



}S280 



( CARD 120 ) 

FROM S268 
* 



OUTPU 



[Kc]Ks 



S270 



READ AND OUTPUT DATA 
[Dc]Kc FROM MEMORY 

=1 



S274 



«» i 13 ^jl • 




.1. 0 O 6. ^ ± ± S in |i giyffl 0i gi^ 1 



o 

or 



Q 
CC 

<: 
o 



CL 
DC 

3 



o 



LU >- 

EH 





CO 


>- 


<Z3 






"cj- 
co 


LO 
CO 


-o 


1— 


CO 


o 




s °- 


EP 




EM 




^LU 


ACC 




INM 




□C CO 

t o 

^ UJ 


o 








^ DC 


h- 








se]Kcard(' 
License IN 


to Z~, 
i- 

E S 


-> 


mse]Kcai 










a) <C 










O |— 


1 — £ 




O 




ID < 


S: § 




_J 




o Q 




O 






So" 




>1 
1 1 1 




£e 






STORI 




O Q 
UJ Z 



O UJ 2 

F z 5 

UJ LL. O CL 

UJ O LU O 
W<OH 



CsJ 
UJ 

005I 

nUJXOC 
□_ — 



CO 
CO 



O 
ZJZ 
0L 

tr 

3 



CO 
CO 
CO 

- CO - 



"^ir cm 

^ LU 

^ s — 

(13 O LU 

42 Z 

<L> ^ HZ 

l|§ 

o — 1 — > 
^ LU ZJ 

So Zj 

_ ^- LU 
Q ^ O 

2: o _ 
lu or o 

CO LL I — 



1 








5 




h- 




CL. 
LU 




O 




AC 


Cvl 
LU 






UJ 


O 


u_ 


in 


CO 


a_ 




ct: 


g 




1— 




LU 




> 


LU 


LU 
O 
LU 


O 


>- 


or 


CD 



O 

o ^ z 

g 00 o 
s> Q_ 2D 

lu uj rl 

o o _j 

LU O UJ 

ce < o 



Q 

o 



CO 

CO 



o 



Is 

LU 
Q O 

>-, Q - 

UJ o 

1 — o 
Q_ O 

o 

Z CL 

LU ^ 



_J « — ' 
< Q 



O 



a. o 
^l£ 
z o 



o 




:i o a & s> a :i e -tQ^O^^I 1 2 



o 

o . 

CM 
CM 




CM 
O 
O 
CM 



< 

O 



o< 

O CL 



^1- 
o 
o 

CM 



O 
O 
O 
CM 



□ □□□ 

□ □□□ 

□ □□□ 




1 



o 

CsJ 

d 



□ □□□ 
DDDD 

□ □□□ 



O 

— o 



:i q o us >g .1 jl e fl^q J 




JLO o s6 «9 :l lifl|^ :0"6§ :i 1 2 



FIG.22 

DISTRIBUTION 



VENDING 
MACHINE 



REQUEST 



S400 



REQUEST SENDING OF PUBLIC 
ENCRYPTION KEY KPmedia(l) 



S402 



I 



RECEIVE KEY KPmedia(1) 
* 



f CELLULAR PHONE(USERD) 



SEND KPmedia(l) FROM 
CELLULAR PHONE TO 
VENDING MACHINE 



COLLECT CHARGE 



S410 



S412 



S408 



PRODUCE SESSION KEY Ks BY 
VENDING MACHINE 

ENCRYPT KEY Ks WITH KEY KPmedia(l) 
PRODUCE DATA [Ks]Kmed ia(D 

g 



S414 



SEND [Ks]Kmedia(0 FROM VENDING 
MACHINE TO CELLULAR PH ONE 

1 — 



S416 



1 



RECEIVE [KPcard(1)]Ks BY VENDING 
MACHINE 



DECRYPT AND EXTRACT KEY KPcard(l) 
WITH KEY Ks 



PRODUCE LICENSE INFORMATION DATA 
License BY VENDING MACHINE 



RECEIVE [Ks]Kmedia(D BY 
CELLULAR PHONE 



S418 



SEND [KPcard(1)]Ks FROM 
CELLULAR PHONE TO 
VENDING MACHINE 



S426 



S428 



S430 



S432 



OBTAIN AND SEND [Dc]Kc FROM 
DISTRIBUTION INFORMATION D ATABASE 
1 



S434 



TO S440 



RECEIVE DATA [Dc]Kc BY 
CELLULAR PHONE 



S436 



(CARP1 10) 



1 



OUTPUT PUBLIC ENCRYPTION 

KEY KPmedia(1) 

i 



S406 



1 



DECRYPT AND EXTRACT KEY Ks 
WITH KEY Kmedia(l) 



S420 



ENCRYPT PUBLIC ENCRYPTION 
KEY KPcard(l) WITH KEY Ks 



S422 



PRODUCE PUBLIC ENCRYPTION 

KEY[KPcard(1)]Ks 

~i 



S424 



STORE DATA [Dc]Kc IN MEMORY 
— i 



S438 



± o o 6 *a :i, :i e ..5bO/ifi;i4^ 



a 
cr 
< 
a 



o 

co 



CO 



a. 
>- 
cr 
o 

LU 
Q 



CM 

10 

00 



CO 

o 

""a? 
c 

CD 
O 



O 



<>- 

o o 
cr s 
O uu 

o r 
cr £ 



oo 
id 

CO 



co 

as 

O 9b 

^ o 
^^cr 

C ^ LU 

a) § H 
.2 5 CO 

Q_ o ~ 

>- v: <d 

Of <D 
lUL U 

o51 



cr 

LU 

CO 
3 

UJ 



cr 



LU 

o 



_co . 



cnj 
CO 



CO 












|Kcai 




Jcense. 
PHONE 


6* 


cr 


i — i 


— ^ 


RECEIVE 
BY CELLl 



LU 



o 
< 

o 



LU 

> 



OO 
CO 

CO 



O 

cr 



LU 

co 
< 

CD 
< 

so 
02 

l_L 

0 

^ u_ 

LU Z 

00 

LU O 

o p 

O Q 



CD 
CO 

c 

CD 
O 



< 

co 

>- o 

LU Q_ 

Q_ LU 

>- ^ 

cr -r 

gt 

LU 5 



(0 

o 

l ~CD 
CO 

c 

CD 
O 



si? CO 

h- > 

Q_ LU 

>- ^ 

cr x 

si 



00 



LU 



Z S O 

o o ^ 

3 LL- Z 
DQ UJ LU 

5r o > 
•— • i— ■ 

Q 5_ UJ 

QUiZ 

^ o o 

UJ o x 

£/)< Q. 



CD 
CO- 



CD 
00 



LU 




o 
















Dl 




LU 




o 




o 




< 








o 


LU 

-z. 


in 


X 


TRIBI 


o 


MA 


CO 


o 


5 


DIN 


UJ 


> 




UJ 


LLJ 

o 


> 


UJ 


>- 


DC 


CD 



CO 

-z, < 

— CD 
Q< 

cr 

o< 
o Q 
lu z 

oo p 
lu <r 

<"co 

LU ^ 

cr S 
o5 

H Q 
CO < 



CD 
CD 

00 



Q 
LU 



CO 

cm 





o< 

O CL 



O , 
O 

CM 



□□□□ 

□ DDD 

□ □□□ 






CVJ 

CD 



s 








f — 


> 






> 


\ 







□□□□ 

□ □□□ 

□ □□□ 



FIG.25 

DISTRIBUTION f VENDING MACHINE J 



REQUEST 

i 



S400 



REQUEST SENDING OF PUBLIC 
ENCRYPTION KEY KPmedia(l) 



S402 



£ 



RECEIVE KEY KPmedia(1) 

i 



r COLLECT CHARGE 



S410 
S412 



PRODUCE SESSION KEY Ks BY 
VENDING MACHINE 

ENCRYPT KEY Ks WITH KEY KPmedia(1) 
PRODUCE DATA [Ks]Kmedia(Q 



I 



S414 



SEND [Ks]Kmedia(D FROM VENDING 
MACHINE TO CELLULAR PHONE 



S416 



RECEIVE [KPcard(1)]Ks BY 
VENDING MACHINE 

i 



DECRYPT AND EXTRACT KEY 
KPcard(l) WITH KEY Ks 

i 



S428 



S430 



PRODUCE LICENSE INFORMATION 
DATA License BY VE NDING MACHINE 

i 



S432 



OBTAIN AND SEND [Dc]Kc FROM 
DISTRIBUTION INFOR MATION DATABASE 
1 



f 

TO S440 



[ CARD110 ) 



OUTPUT PUBLIC ENCRYPTION 

KEY KPmedia(l) 

1 



S406 



DECRYPT AND EXTRACT 
KEY Ks WITH KE Y Kmedia(1) 

i 



ENCRYPT PUBLIC ENCRYPTION 
KEY KPcard(1) WI TH KEY Ks 

1 



S420 



S422 



PRODUCE PUBLIC ENCRYPTION 
KEY [KPcard(1)]Ks 

i ' 



S424 



S434 



STORE DATA [Dc ]Kc IN MEMORY 
i 



S438 



:i o o £* -qi :i ± e 1 f) f> § g 9 if j 2 



FIG.26 



[vending machine] 




(CARD110J 


FROM S438 
I 1 






OBTAIN LICENSE KEY Kc FROM 
nT^TRIRUTION INFORMATION 
nATARASF ! 


S440 j 










ENCRYPT KEY Kc, DATA License 
WITH KEY KPcardO) 


S442 S 










ENCRYPT [Kc,License]Kcard(1) 
WITH KEY Ks 


S444- 










I SEND [[Kc,License]Kcard(1)JKs 
1 i 


S446! 














I DECRYPT WITH Ks J 






* 








RECORD DATA [Kc,License]Kcard(1) 
IN MEMORY 






! w 








DECRYPT [Kc,License]Kcard(D 

WITH KcardCD AND STORE DATA 

License IN REGISTER 
i — . 1 






RECEIVE DISTRIBUTION 
ACCEPTANCE BY VENDING 
MACHINE 


S462 








STORE SALES RECORD IN 
ADMINISTRATION DATABASE 


S464 




1 

( END JS466 





]S450 



S452 



S458 



,i.oo 



e, g .1. .i, e 1 fl /«, Q § Qi i: 1 2 



FIG.28 



DISTRIBUTION 
Ks INDEPENDENT 



VENDING 
MACHINE 



REQUEST I S500 

r 



REQUEST SENDING OF PUBLIC 
ENCRYPTION KEY KPmediaO) 



S502 



T 



RECEIVE KEY KP media(l) 

i 



[CELLULAR PHONE(USER1)j 



S510 



SEND KPmedia(l) FROM 
CELLULAR PHONE TO 
VENDING MACHINE 



S508 



COLLECT CHARGE 



S512 



PRODUCE SESSION KEY Ks BY 
VENDING MACHINE 

ENCRYPT KEY Ks WITH KEY KPmedia(l) 
PRODUCE DATA [Ks]Kmedia(Q 



I 



S514 



SEND [Ks]Kmedia(D FROM VENDING 
MACHINE 



S516 



RECEIVE [KPcard(1).Ks1]Ks BY VENDING 
MACHINE 



DECRYPT AND EXTRACT KEYS KPcard(l) 
AND Ksl WITH KEY Ks 



PRODUCE UCENSE INFORMATION DATA 
License BY VENDING MACHINE 



OBTAIN AND SEND [Dc]Kc FROM 
DISTRIBUTION INFORMATION DATABASE 



S534 



TO S540 



RECEIVE [Ks]Kmedia(D BY 
CELLULAR PHONE 



S518 



SEND [KPcard(1),Ks1]Ks FROM 
CELLULAR PHONE TO 
VENDING MACHINE 



S526 



S528 



S530 



S532 



RECEIVE DATA [Dc]Kc 
BY CELLULAR PHONE 



S536 



(CARPI 20) 



1 



SEND PUBLIC ENCRYPTION KEY 
KPmedia(l) 



S506 



PRODUCE SESSION KEY Ksl 



S515 



DECRYPT AND EXTRACT KEY Ks 
WITH KEY Kmedia(l) 

i 



ENCRYPT PUBLIC ENCRYPTION KEY 
KPcard(l) AND KE Y Ksl WITH KEY Ks 



S520 



S522 



PRODUCE PUBLIC ENCRYPTION 

KEY [KPcard(1),Ks1]Ks 

' 



S524 



1 



STORE DATA [Dc]Kc IN MEMORY | S538 



JL DO 6 "3 1 .1.1. 12 



3 1 



o 

CM 
5 

en 
< 
o 



o 


CM 




lO 


in 


LO 


lO 


LO 


LO 


CO 


00 


00 






























1 






05 










O 






to 




nse] 




o ^ 








^ O 


WITH 




icei 








— i 

o 




§^ 


h- 

Q_ 




-> 


-l<o 


>- 




< 






cr 










DEC 




QO 




RYPT 
nse IN 






cc s 








O LU 




Op » 






o s 










LU 




q5j 




± O G M i .1. H . f 0 g 



FIG.30 



DISTRIBUTION [VENDING MACHINE ) 
Ks INDEPENDENT 

S500 



REQUEST 

i 



REQUEST SENDING OF PUBLIC 
ENCRYPTION KEY K Pmediad) 
1 



S502 



Z 



RECEIVE KEY KPmediad ) 



Z 



COLLECT CHARGE 

z 



S510 



S512 



PRODUCE SESSION KEY Ks 
BY VENDING MACHINE 
ENCRYPT KEY Ks WITH KEY KPmediad) 
PRODUCE DATA [Ks]Kmedia(D 



Z 



( CARD 120 ) 



z 



SEND PUBLIC ENCRYPTION 
KEY KPmediad) 



S506 



PRODUCE SESS 



S514 



SEND [Ks]Kmediad) FROM 
VENDING MACHINE 



S516 



RECEIVE [KPcard(1),Ks1]Ks 
BY VENDING MACHINE 



DECRYPT AND EXTRACT KEYS 
KPcardd) AND Ks1 WITH KEY Ks 



S528 



S530 



PRODUCE LICENSE INFORMATION 
DATA License BY VENDING MACHINE 



Z 



S532 



OBTAIN AND SEND [Dc]Kc FROM 
DISTRIBUTION INFORMATION DATABASE 



TO S540 



Z_5£ 



ON KEY Ks1 



S515 



DECRYPT AND EXTRACT KEY Ks 
WITH KEY Kmediad) 



ENCRYPT PUBLIC ENCRYPTION 
KEY KPcardd) AND KEY Ks1 WITH 
KEY Ks 

E 



PRODUCE [KPcar dd ),Ks1]Ks 
1 



S520 



S522 



S524 



S534 



Z 



STORE DATA [Dc]Kc IN MEMORY 
i 



S538 



FIG.31 



[vending machine) 

FROM S538 
4 



OBTAIN LICENSE KEY Kc FROM 
DISTRIBUTION INFORMATION 
DATABASE 

I 



ENCRYPT KEY Kc, DATA License 
WITH KEY KPcard(1) 

i 



ENCRYPT [Kc,License]Kcard(D 
WITH KEY Ks1 



I SEND [[Kc,License]Kcard(1)]Ks1 



S540 



S542 



S544 



S546 



RECEIVE DISTRIBUTION 
ACCEPTANCE BY VENDING 
MACHINE 



STORE SALES RECORD IN 
ADMINISTRATION DATABASE 



S558 



S560 



( END ) S562 



(carpi 20) 



DECRYPT WITH Ks1 



S550 



I 



RECORD DATA [Kc.License]Kcard(D 
IN MEMORY 



S552 



DECRYPT [Kc,License]Kcard(D 
WITH Kcard(1) AND STORE DATA 

License IN REGISTER 

1 



S554 



ID 



CsJ 




CM 



GO 

m 




o 

CO 



CM 

o 
co 



CO 



2-1 

h- o 
z> q: 

CD I- 

co o 



11 

>- to 



CM 

co 



r 



CM 

CM 
CO 



o 

CM 
CO 



o 

O 
ill 



I 



/I 

CO 
CO 



LU 

LU 
O 



>- ^ 

o 

LU 
Q 



o 

LO - 
CO 



CO 
CO 

CD 



1 



co 



CO 
CM 
CO 



if 







o 




p 




CL 




>- 


E 


cr 










LU 





CM 
CO 



O 
I— 

II 

I l 1 



1 



< LU 

OO 

IS 

o 
o 



.1, 0 O iS '9 .1. ± Ell 6/*Q.§if li fe 1 2 



CO 

d 




i.CitO£i. i 9:l..:iS S-Q^-^ff^ | 2 



FIG.35 



DISTRIBUTION [SERVER32) 
Ks INDEPENDENT 



RECEIVE [KPp,Crtf]KPmaster, 
[KPmedia(1),Crtf]KPmaster AND DISTRIBUTION REQUEST 



z 



DECRYPT [KPp.CrtflKPmaster AND 
[KPmedia(1),CrtflKPmaster WITH KPmaster 




SI OS- 



PRODUCE SESSION KEY Ks BY DISTRIBUTION 
SERVER ENCRYPT KEY Ks WITH KEY KPmedia(l) 
PRODUCE DATA [Ks]Kmedia(D 



z 



S108 



SEND [Ks]Kmedia(Q FROM DISTRIBUTION SERVE R 

sTTo ■ — 



Z 



RECEIVE [KPcard(1),Ks1]Ks BY 
DISTRIBUTION SERVER 



Z 



DECRYPT AND EXTRACT KEYS 
KPcardO) AND Ksl WITH KEY Ks 



z 



PRODUCE UCENSE INFORMATION 
License BY SERVER 



z 



OBTAIN AND SEND [Dc]Kc FROM ~ 
DISTRIBUTION INFORMATION DATABASE 
S128 ' = 



TO SI 54 



TO S134 



(CELLULAR PHONE(USERt)105) 



| DISTRIBUTION REQUEST | si00 



SEND [KPp.CrtflKPmaster, 
[KPmedia(1),Crtf]KPmaster 
AND DISTRIBUTION REQUEST 



S104* 



S105 



S103 



RECEIVE [Ks]Kmedia(D 
BY CELLULAR PHONE1 



S112 



SEND [KPcard(l).Ks1]Ks 
FROM CELLULAR PHONE 
TO DISTRIBUTION SERVER 



S122 



S124 



S126 



S120 



RECEIVE DATA [Dc]Kc BY 
CELLULAR PHONE 



S130 



[ CARD140 ) 



z 



SEND [KPmedia(l),Crtf]KPmaster | SI 02' 



ENCRYPT AND EXTRACT KEY Ks 
WITH KEY Kmedia(l) 



S114 



PRODUCE SESSION KEY Ksl | si 1 5 



Z 



ENCRYPT PUBLIC ENCRYPTION KEY 
KPcard(l) AND KEY Ks1 WITH KEY Ks 



S116 



PRODUCE [KPcard(1),Ks1]Ks | sH8 



1 



| STORE DATA [Dc]Kc IN MEMORY~|si32 



co 



CO 

CO 



CO 
CO 



CO 
00 



CO 
CO 



CO 



co 

CO 



CO 



CM 
CO 

CO 



o 



CO 
CO 

CI 



CO 

O 
CO 



O 



co 
< 

< 

O z 

eg 
i* 

>- cc 

^ Lu 
LU ~ZL 
CO 

LU O 

O p 

z s 

m 00 
o 5 



CO 
C 
CD 
O 



< 

Q 
O 

. CO 

>. o 
LU Q. 
*T ^ 

I- >- 
CL LU 
>- ^ 

o: x 



CO 

o 

CO 

c 

CD 
O 



o 1 ~~ 

V* co 

h- >- 

Q_ LU 

>- ^ 
oi 












V_ 






ca 






0 












1 — 1 

CD 






CO 






c 






CD 






O 












RECORD DATA [Kc 
IN MEMORY 





3d 
"Em 

— L -O 

I l-Q U- 

O E c5 

LU t O 

a 5 -1 



o 
to 



00 



o 

00 



LU 

o 



o 
o 

<LU 
~ LU 

PI 

5 99 

2: co 

lu p: 
o Q 
lu > 

LT CD 



OsJ 

10 

CO 



CO 

< 

CD 

< 
< 

a 



o 
o 
o 
< 



Q 
(T 
O 
O 
LU 
DC 



.1. .© O ifi. 'Qi ,1. .1. 2 «oj&,~iusa^ 



> Wf 1 1 2 



FIG.37 



REPRODUCTION (CELLULAR PHONE(USER1)10 5) 
Ks INDEPENDENT ~~ ~~~ 



REPRODUCTION REQUEST 



SEND [KPp,Crtf]KPmaster 
1 : 



S200 
S241 



£ 



DECRYPT AND EXTRACT KEY 
Ks1 WITH KEY Kp 



PRODUCE SESSION KEY Ks 



ENCRYPT KEY Ks WITH KEY Ksl 
TO PRODUCE DATA [Ks]Ks1 



S252 



S253 



S254 



SEND DATA [Ks]Ks1 
1 



S256 



[ CARD 140 ) 



DECRYPT [KPp.CrtflKPmaster 
WITH KPmaster 




PRODUCE SESSION KEY Ks1 



ENCRYPT Ksl WITH KEY KPp 



PRODUCE AND SEND [Ks1]Kp 
=] 



S246 



S248 



S250 



1 



DECRYPT [Ks]Ks1 WITH KEY Ks1 
TO ACCEPT Ks 



. S258 



DETERMINE DATA 
License IN REGISTER, 
REPRODUCIBLE?^ 



S259 



READ [Kc,License]Kcard(1) FROM 
MEMORY. AND DECRYPT WITH Kcard(l) 




S260 



S262 



TO S264 



TO S280 



.:i,OCIi&'9J„.:.L2: 



lQf §B9f 12 



FIG.38 



DECRYPT DATA [Kc]Ks WITH 
KEY Ks TO ACCEPT KEY Kc 



S272 



DECRYPTS DATA [Dc]Kc 
WITH KEY Kc TO PRODUCE 
PLAINTEXT MUSIC DATA 



REPRODUCE MUSIC FROM 
PLAINTEXT MUSIC DATA 



( END ) s280 



S276 



S278 



FROM S262 
i 



FROM S245, 
S259.S262 



EXTRACT KEY Kc 



S264 



CHANGE DATA License IN 
REGISTER 

I Z 



S266 



ENCRYPT LICENSE KEY Kc 
WITH KEY Ks 

I 



OUTPUT [Kc]Ks 



S268 
S270 



READ AND OUTPUT DATA 
[Dc]Kc FROM MEMORY 

□ §274 



o ^ 
cr co 

LL. CO. 



0«J 



1 — ' ID 
LU — 1 
> — 1 

Sri lu 

LU f 

LU >- 
CT CO 







Q_ 




LU 




o 




o 




< 




o 




1— 










31 


co 


1— 


e]Kc 




C/J 


CL 


c 

CD 
O 






Zi 


o 


o 


LU 

Q 





^ I— 

=C 00 

b; o 
-5: lu 
j^CC 

1 « 

to I 

a> <C 
o J— 

LU <C 
o O 

^.LU 

^ 

>;oo 
O Q 

LU Z 
Q < 

EE 



O LU 2 

LU LL. O °- 
S£ O CL < 

Ills 

LU O LU O 
10<0h 



Si- 3 



cr 

LU O LU O 
W < O | — 



CO 
CO 
CO 



o 





CO 


co 


CO 


CO 


CO 


-00 




- 00 












LU 






=5 


as 




—I 


o 












>- 

LU 




cr 






TE 






00 






EGI 






cr 


to 
c= 




cr 


<D 




o 


O 




LL. 


_l 




a? 


TA 




CO 


DA 




Lice 


ND 






< 






o 




Q 






TE 












i— 


fe 




i— 


>» 




00 


cr 




CD 


o 




=> 


LU 




00 


o 





cr co 
u_ oo- 



LU jo 

a) o 

£ -4 



is 

LU 

Q O 

33 

oO 

^ cr 
>-°- 

LU O 
^ H- 
J— 

a. zz. 

O o 
■Z. CL 
LU ^ 



^ LU 
CO O LU 

3 :r z: 

Sod 

Q ^ O 

^ o ;r 
lu cr o 

CO U, h— 



>- 

LU </> 



Sj^ CO 

1=1 O 
CD "~j 
tn — 1 



32 

5: O 

o °- 
z o 



ANCE 


S356 


MORY 


i— 

CL 
LU 




LU 


O 






^ CVJ 






<C LU 






cn z 




CO 


LU O 
LL. HI 




£ 

LU 


OO Q_ 












11 




«< 
cn 






LU 


LU —I 
















Eg 
O " 

LU >- 




LU 

tu 


DC CD 







CO 
lO 
CO 
00 



t— CM 

< . LU 

o ^ ^ 

3 m o 
aLux 

DOCL 

q 5 cr 

LU LU 

O O _J 
LU O LU 

cr < o 




CO 
Q 



o 

cr co 

Ll_ 00 



.1. 0 O 6. "3 1. .:! S l#y(f.,:0 ,: 6 iL 9 ii: 1 1 2 




.Ltoo&^J-JLE! „l:ft/::iD;;6:9i:;;f 1 2 



FIG.42 

DISTRIBUTION ( VENDING MACHINE3010j 



REQUEST 



S500 



(CARPI 40) 



REQUEST SENDING OF [KPmed ia(1),CrtflKPmas ter 
1 



S502' 



1 



OUTPUT [KPmedia(1 ),Crtf]KP niaster 
1 



S507 



DECRYPT [KPmedia(1),Crtf]KPmaster WITH 
KPmaster TO ACCEPT KPmedia(1) AND Crtf 




S509 



COLLECT CHARGE 



S512 



PRODUCE SESSION KEY Ks BY VENDING MACHINE 
ENCRYPT KEY Ks WITH KEY KPmedia(1) 
PRODUCE DATA [Ks]Kmedia(1) 



S514 



SEND [Ks]Kmedia(D FROM VENDING 
MACHINE TO CELLULAR PHONE 
1 



S516 



1 



DECRYPT AND EXTRACT K EY Ks WITH KEY Kmedia(1) 

i 



S520 



PRODUCE KEY Ksl 

i 



S521 



ENCRYPT PUBLIC ENCRYPTION KEY 
KPcard(l) AND KEY Ks1 WITH KEY Ks 

j 



PRODUCE [KPcard(1 ),Ks1]Ks 
-i 



S522 
S524 



RECEIVE [KPcard(1),Ks1]Ks BY 
VENDING MACHINE 

I 



DECRYPT AND EXTRACT KEYS 
KPcard(1) AND Ksl WITH KEY Ks 

JL 



S528 



S530 



PRODUCE LICENSE INFORMATION 
DATA License BY VENDING MACHINE 



S532 



OBTAIN AND SEND [Dc]Kc FROM 
DISTRIBUTION INFO RMATION DATABASE 
1 



S534 



TO S561 



TO S540 



1 



| STORE DATA [Dc]Kc IN MEMORY] 5533 



CM 
LO 

m 
CO 



o 

lo 
co- 



cm 

LO 
CO 



LO 

CO 



CO 

LO 

C7D- 



oo 

CO 
LO 
CO 



o 



LO 

CO 



LU 














BAS 




ITH 




ill 

HI 






ATA 




CA 








CO 
i i 






ceru 








T— 


O z 






v_ 




no 


Kc FR 
MATIOI 




TALi 




e]Kca 




]Kcar 




< 




CO 




CD 


EKEY 
NFOR 




Kc, D 




c 

CD 
O 

Lj 
o 
i — i 




Licens 


oo — ■ 




>- ^ 






d 














LU O 




^ -a 
(— <5 




i— 




SEND [[ 


BTAIN L 
ISTRIBU 




ENCRYP 
KEY KPc 




ENCRY 
KEY Ks 




O Q 















o 

LO 
LO 
CO 



CO 
O 

CO 

c 

CD 
O 



O 



< >- 

QO 

cr ^ 

o LU 

o 2 

LU 



o 




CO 



_ 

OQ|h 
HZQ< 
C/) LU < Q 



, 0 



1 U 



t— • 
o| 




jlo a £» ti: a.i. :te 



CO - 
CD 



O 

CO 



\1 



^< 

o < 

Oh 

o < 



CM 
O 
CO 



As 



< > 



Qo 

LU 
DO ^ < 

nop 

CO u_ 5 



s 

CO 



2 i 

h- o 
CD h- 

CO O 
Q 



>- o 



cm 

CO 



CM 
CO 
CO 



o 

CO 
CO 



I 



11 

> TO 

r ■) LL 
LU 



o 

O Q 
O _| 



CM 
CM 
CO 



G 



o 

CM 
CO 



O 
LU 



I 



CO 



O 

^ a: 



a 



o 

LU 

o 



I 



CO 



CO 
CM 
CO 



CO 
CO LU 



2^ 
Q. <D 



I 



CM 
CO 



0~ 

J— <D 
— +-» 

si 

1 1 1 



0) 



1 



o 

in- 
co 



LO 



o 

< LU 

o o 
z:> 

3 LU 

o 
o 



FIG.46 



DISTRIBUTION [SERVER33] 
Ks INDEPENDENT 



RECEIVE [KPp.Crtf]KPmaster, 
[KPmedia(1),Crtf]KPmaster AND DISTRIBUTION REQUEST 

I 



DECRYPT [KPp,Crtf]KPmaster AND 
[KPmedia(1),Crtf]KPmaster WITH KPmaster 




S104' 



S105 



PRODUCE SESSION KEY Ks BY DISTRIBUTION 
SERVER ENCRYPT KEY Ks WITH KEY KPmedia(l) 
PRODUCE DATA [Ks]Kmedia(D 



I SEND [Ks]Kmedia(D FROM DISTRIBUTION SERVER 

sTTo ' 



RECEIVE [KPcard(1),Ks1]Ks BY 
DISTRIBUTION SERVER 



[CELLULAR PHONE(USER1)107) 



[DISTRIBUTION REQUEST| siOO 



SEND [KPp,Crtf]KPmaster, 
[KPmedia(1),CrtflKPmaster 
AND DISTRIBUTION REQUEST 



S103 



S108 



RECEIVE [Ks]Kmedia(D BY 
CELLULAR PHONE1 



S112 



SEND [KPcard(1).Ks1]Ks 
FROM CELLULAR PHONE 
TO DISTRIBUTION SERVER 



SI 20 



DECRYPT AND EXTRACT KEYS KPcard(l) 
AND Ks1 WITH KEY Ks 



PRODUCE LICENSE INFORMATION License 
BY SERVER 



S122 



SI 24 



SI 26 



OBTAIN AND SEND [Dc]Kc FROM 
DISTRIBUTION INFORMATION DATABASE 



S128 



TOS154 



TO S134 



RECEIVE DATA [Dc]Kc BY 
CELLULAR PHONE 



S130 



(CARD140) 



I SEND [KPmedia(1).Crtf]KPmaster I S102' 

' ' 



ENCRYPT AND EXTRACT KEY Ks 
WITH KEY Kmediafl) 



± 



PRODUCE SESSION KEY Ksl 



ENCRYPT PUBLIC ENCRYPTION KEY 
KPcard(l) AND KEY Ksl WITH KEY Ks 

I 



PRODUCE [KPcard(1),Ks1]Ks 
i 



S114 
S115 

S116 
S118 



1 



STORE DATA [Dc]Kc IN MEMORY S132 





10 


CO 


CO 


co 


CO 


CO 


CO 










to 


CO 


CO 


CO 



to 



CO 

o 

CO 

c 

CP 

o 

*< 
23 



LU 



UJ 
O 



o o 
lu cr 
cr u_ 



CM 
CO 

CO 
O 

q: 



CD 



CO 

o 
CO 



O 



SE 
















to 


BA 








o " 










< 








O CO 














E 








CO 






< 




o 








o 




v. 






o 












co 
o 


CEY Kc FRO 
ORMATION 




EYI 




KEY [ 
H KEY 




nse 




id 
1? 










cu 
o 




to 
c 




! WITH 




PTED 

ewrn 




com, Li 




CD 
O 

Lj 

e" 


u_ 
















o 


LU 2 








O o 








o 


co — 




1- 












BTAIN LICEN 
ISTRIBUTION 




ENCRYP 










v 






ENCRYPT [ 
AND DATA 




ENCRYPT 
WITH KEY 




'UTPUT [[[1 


O Q 














o 



CNJ 

CO 





✓ s 


CO 










~o 

1_ 


CO 




CO 








(O 








1 — 1 

cu 






CO 






c 






CD 






o 






Lj 






c 
c 






Q 






o 












1 — 1 

o 












1 — 1 






< 












<> 






Ofr 






Q O 






cr 2 






O LU 






O 2 






LU — 

cr S 






o 

LO 
CO 



o 

CO 



o 
< 

OL 
LU 
O 

~ LU 

-i 

CO 3 

^ CO 
LU 5 

LU >- 

cr cd 



CNJ 
LO 



CO 



LU 
CO 
< 
CD 
< 

< 
Q 

O 



3 
O 
O 

o 
< 

Q 

cr 
o 
o 



CO 



I/O OiB 9:1.1. EE .06I90S „ „ 

10/069112 



FIG.48 



REPRODUCTION [CELLULAR PHONE(USER1)107) 
Ks INDEPENDENT ~ ~ "~ 



REPRODUCTION REQ UEST 



SEND [KPp.CrtflKPmaster 



S200 



S241 



S252 



DECRYPT AND EXTRACT KEY 
Ksl WITH KEY Kp 

* ~ 

PRODUCE SESSIO N KEY Ks 1 S 253 



ENCRYPT KEY Ks WITH KEY Ksl 
TO PRODUCE DATA [Ks]Ks1 



E 



S254 



r SEND DATA [Ks]Ks1 



S256 



( CARD140 ) 



DECRYPT [KPp.CrtflKPmaster 
WITH KPmaster 




I PRODUCE SESSION KEY Ks"i~| s246 



ENCRYPT Ksl WITH KEY KPp 



i 



PRODUCE AND SEND [Ks1]KPp 
— i 



S248 



S250 



1 



DECRYPT [Ks]Ks1 WITH KEY Ksl 
TO ACCEPT KEY Ks 



S258 

'determine" 

DATA License IN REGISTER, 

REPRODUCIBLE?^-- S2 5g 



READ [[Kc]Kcom,License]Kcard(D FROM 
MEMORY. AND DECRYPT WITH Kcard(1) 



S260 



DECODABLE WITH 
J<EY KcardO)?^-^^ 2 

TO S264 



TO S280 



FIG.49 



DECRYPT DATA [[Kc]Kcom]Ks WITH 
KEY Ks TO ACCEPT ENCRYPTED 
KEY [Kc]Kcom 



I 



FROM S262 
4 



FROM S245, 
S259.S262 



EXTRACT ENCRYPTED KEY [Kc]Kcom 
j S26 4 



CHANGE DATA License IN REGISTER 
j S266 



ENCRYPT ENCRYPTED LICENSE 
KEY [Kc]Kcom WITH KEY Ks 

I 



OUTPUT [[Kc]Kcom]Ks 



DECRYPT ENCRYPTED KEY [Kc]Kcom 
WITH KEY Kcom TO ACCEPT Kc 



\ f 



S272 



S273 



S268 
S270 



READ AND OUTPUT DATA 
[Dc]Kc FROM MEMORY 



DECRYPTS DATA [Dc]Kc WITH 
KEY Kc TO PRODUCE PLAINTEXT 
MUSIC DATA 



I 



S274 



S276 



REPRODUCE MUSIC FROM 
PLAINTEXT MUSIC DATA 



S278 



( END ) s280 



jl o e & "3 jl ± e . 1 



DC co 
Li_ 00. 



CD 
U_ CO 



V- 

O LU 

£= Q. 

CD 

>- 

m 



O 

LU 

or 



h- E 
Q_ O 

O o 



So 

y I — 

i — ! 2: 
o 

LU o 



O LU 9 



00 



UJXK 
O Ql < 

LU O LU O 
O0 < O h- 




r— • CT — j 

o 



So:; 
3 FT^ ^ 

LU O LU O 
CO < O I — 



CO 
00 



>- 

LU 



O 
cr 



E 



LU 

i — 

CL 
O 



CO 

co 

CO 

CO 



cr 

LU 
I — 

CO 

O 
LU 

or 
or 
o 



13 

< 
I — 
<£ 
Q 



CO 
CD 



OS 
CT co 
Li_ CO - 



< 53 
h- o 

< !□ 

§ S 
<^ 

o 1 1 

^ < 

1 — ' Q 

lu W 
*o 

5: o 
of 



8 I 

J o 
z p 



CE 


CO 
LO 




z 


CO 

CO 


CD 


<c 




1 — 




LU 


Q_ 












<£. LU 






en ^ 




co 


LU O 
U_ 31 




LU 


CO Q_ 










€ 


11 










LU 


LU —1 




2= 


Eg 




3E 

cr: 


o ^ 

LU >- 




LU 


en co 




LLJ 

O 



< ^ 
O ^ z 

3 m o 

nUJl 

> CL ^ 
LU LU ^ 
O O _l 
LU O LU 

cr <c o 




o ~ 
cr co 
u_ co 



, ... , 



•i o o .6 *3 .:i .1. 2 B lcOr/jO;6fti 1 2 



FIG.53 

DISTRIBUTION [ VENDING MACHINE3020 J 

S500 



I REQUEST 

— x~ 



(CARPI 40) 



REQUEST SENDING OF [KPmedia(1 ),Crtf]KPmaster 
! 



DECRYPT [KPmedia(1),Crtf]KPmaster WITH 
KPmaster TO ACCEPT KPmedia(l) AND Crtf 




S509 



COLLECT CHARGE 



S512 



S502' 



1 



OUTPUT [KPmedia(1 ),Crtf3KPmaster | S5Q7 



PRODUCE SESSION KEY Ks BY VENDING MACHINE 
ENCRYPT KEY Ks WITH KEY KPmedia(l) 
PRODUCE DATA [Ks]Kmedia(1) 



S514 



SEND [Ks]Kmedia(D FROM VENDING 
MACHINE TO CELLULAR PHONE 
1 



S516 



; | DECRYPT AND EXTRACT KEY Ks WITH KEY Kmedia(l) 
! j S520 



PRODUCE KEY Ksl 



S521 



ENCRYPT PUBLIC ENCRYPTION KEY 
KPcard(1) AND KEY Ksl WITH KEY Ks 



PRODUCE [KPcard( 1),Ks1]Ks 
~i 



S522 
S524 



RECEIVE [KPcard(1),Ks1]Ks BY 
VENDING MACHINE 



DECRYPT AND EXTRACT KEYS 
KPcard(1) AND Ks1 WITH KEY Ks 



PRODUCE LICENSE INFORMATION 
DATA License BY VENDING MACHINE 



S528 



S530 



S532 



OBTAIN AND SEND [Dc]Kc FROM 
DISTRIBUTION INFORMATION DATABASE 



S534 



TO S561 



TO S540 



STORE DATA [Dc]Kc IN M EMORY 
1 



S538 



JL 



o o 6 *a :i i, e „, ij ^ j J 2 



o 

LO 

to 

CO 



LO 
CO- 



00- 



LO 

00- 



LO 

-co 



CO 
LO 

OO- 



oo 

CO 
LO 

00 



o 



LO 
CO 



LU 
CO 
< 
CD 
< 
I— 
< 

O Z 

£2 

>- cr 
lu f; 



co ~ 

LU O 

Or 



2 99 
o Q 



<L> 
CO 
C 
CD 
O 



< 

Q 

E 
o 
o 

^ "P 
1 — 1 ^ 

>- O 

lu a. 
I- > 

Q_ LU 

>» ^ 

o: x 

§i 

lu 5 



03 
O 

""a? 

CO 

c 

<D 
O 



E 
o 
o 



o ^_ 

I- > 

Q. LU 

>- ^ 




CO 
LO 
LO 
00 



o 

CO 
LO 

co-- 



O Z 

m >- 

I- LU 

co o 

o oo 

LU O < 
DC < 2 





LU 




CO 




< 




CD 


o 




or 




C0I 


DA 


LU 


z 


cr 


o 


CO 




LU 


I 


1 




< 


H 


CO 


00 


RF 


z 


o 




1- 


Q 


00 


< 



CNJ 
CO 
LO 
CO 



2" 

O 

cr 

LL_ 



LO 

O 



< z 
oob 

5? I — co 
< ujS2< 

LU ^ ^ CD 
O Q ^ h- 
CO LU < O 



co 

LO 

CO 



LU 



..1. 0 O aS. e ,1. ,1, iS flCHEyJrf 



FIG.55 



cs|^h-|> 

146(K^ 



1466 



INTERFACE 
CONTROLLER 



BS3(C) 




1474.0 



*> •* * I. 



FIG.56 



CS 
1460 



BR* 



1466 



1467-^5 



1469.7 



1469.6 



1469.5 



1469.4 

1469.3 
1468.3 



1462.3^ \. 
Din3|>^l-[> 

14682 14fi 

)in2|>^h-[> 



1468.2 
1462''- v 1469.2 

Din2 

1468.1 

1462.1 
Din1 

1468.0 




1469.1 




1462.0 
DinO 

Dout 

1464^1470 



DFF 




-1470.7 



1470.6 



DFF 



1470.5 



DFF 



1470.4 



DFF 



-1470.3 



DFF 



1470.2 



DFF 



1470.1 



DFF 



1470.0 



DFF 



1472.7 
BS3CD7) 



INTERFACE 
CONTROLLER 



1472.6 
BS3CD6) 



1472.5 
BS3(D5) 



1472.4 
BS3(D4) 



1472.3 
BS3(D3) 



1472.2 
BS3CD2) 



1472.1 
BS3(D1) 



1472.0 
BS3(D0) 



1474.7- 
1474.6- 

1474.5- 

1474.4- 

1474.3- 

1474.2- 

1474.1- 

1474.0 



— — — HM. POO' 

°^HCk — 



BS3CD7) 



1490 



BS3(C) 



BS3 



BS3CD6) 



f-y, BS3(D5) ^ 



BS3CD4) 



BS3CD3) 



,h >1__H±: 



BS3(D2) 



BS3(D1) 



DFF 



BS3(D0) 



1476.7 



1476.6 



1476.5 



1476.4 



1476.3 



1476.2 



1476.1 



:L OCil i8 91 JL JL 2 . Q fi JL *3 O H 



. . Full name of seventh inventor (given name, family name) -Taizou KINQgHIjA^ 

Inventor's Signature ~T^^> f^^U^C^ Date May 13, 2002 

Residence Kokubunji-shi, Tokyo,, Japan Citizenship Japanese 



Post Office Address c/o Central Research Laboratory, HITACHI, LTD., 
280, Higashikoigakubo 1-chome, Kokubunji-shi, 
Tokyo 185-8601 Japan 



Full name of eighth inventor (given name, family name) Takeaki ANAZAWA 
Inventor's Signature Date 



Residence Minato-ku, Tokyo, Japan Citizenship Japanese 



Post Office Address c/o NIPPON COLUMBIA CO., LTD., 14-14, Akasaka 4-cbome, 
Minato-ku, Tokyo 107-8011 Japan 

Full name of ninth inventor (given name, family name) Toshiaki HIOKI 



Inventor's Signature — — Date 

Residence Oqaki-shi, Gifu, Japan Citizenship Japanese 



Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi , Osaka 570-8677 Japan 



Full name of tenth inventor (given name, family name) Miwa KANAMORI 



Inventor's Signature — Date 

Residence Oqaki-shi, Gifu, Japan Citizenship Japanese 



Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi, Osaka 570-8677 Japan 



Full name of eleventh inventor (given name, family name) Yoshihiro HORI 



Inventor's Signature __ Date 

Residence Gifu-shi. Gifu, Japan Citizenship Japanese 



Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi, Osaka 570-8677 Japan 



Full name of twelfth inventor (given name, family name) 

Inventor's Signature _ — Date 

Residence _ Citizenship 

Post Office Address 



Full name of thirteenth inventor (given name, family name) 

Inventor's Signature _ — Date 

Residence Citizenship 

Post Office Address 



I hereby appoint the following attorney(s) and/or agent(s) to prosecute this application and to transact all business in the Patent 
and Trademark Office connected therewith: 



23850 

PATENT TRADEMARK OFFICE 

Please direct all communications to the following address: 



23850 

PATENT TRADEMARK OFFICE 

I hereby declare that all statements made herein of my own knowledge are true and that all statements made on information and 
belief are believed to be true; and further that these statements were made with the knowledge that willful false statements and 
the like so made are punishable by fine or imprisonment, or both, under Title 18 of the United States Code, § 1001 and that such 
willful false statements my jeopardize the validity of the application or any patent issued thereon. 



O0 



(See note C) Full name of sole or first inventor (given name, family name) Masavuki HATANAKA ^ 

Inventor's Signature %dA(^A Wqfam&U, Date May 17, 2002 

Residence Kawasaki-shi, Kanaqawa, Japan 7 Citizenship Japanese 

Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 

Full name of second inventor (given name, family name) Jun KAMADA » 



Inventor's Signature ^ ^ Date May 17, 2002 

Residence Kawasaki-shi, Kanaqawa, Japan Citizenship Japanese 



Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 

^0 h Full name of third inventor (given name, family name) Takahisa HATAKEYAMA 

Inventor's Signature V^Q^^p^ Date May 17, 2002 

Residence Kawasaki-shi , Kanagawa , Japan Citizenship Japanese 



Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 

Full name of fourth inventor (given name, family name) Takayuki HASEBE 



Inventor's Signature "SkJ^lL Uiudt^^. Date May 17, 2002 

Residence Kawasaki-shi , Kanagawa , Japan Citizenship Japanese 



Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 

Full name of fifth inventor (given name, family name) Seiqou KQTANI 

~£>"° * Q, ^ 5fT ^ + May 17, 2002 
Inventor's Signature /^±^ Date 1 1 



Residence Kawasaki-shi, Kanaqawa, Japan Citizenship Japanese 



Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 



0> 



£)t) Full name of sixth inventor (given name, family name) Shigeki FURUTA 



r's Signature St^^L^ T^^t^^ 

Residence Kawasaki-shi, Kanaqawa, Japan Citizenship Japanese 



Inventor's Signature ^d^gfefa CJ±^L^ Date May 17, 2002 



Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 



.1, 0 0'6 } 9i .1 EH! ai O £u :L «J 02 



Full name of seventh inventor (given name, family name) TaiZQU KINQSHITA 

Inventor's Signature Date 



Residence Kokubunj i-shi , Tokyo, Japan Citizenship Japanese 



Post Office Address c/o Central Research Laboratory, HITACHI, LTD., 
280, Higashikoigakubo 1-chome, Kokubunji-shi, 
Tokyo 185-8601 Japan 



Full name of eighth inventor (given name, family name) Takeaki ANAZAWA 
Inventor's Signature Date 



Residence Minato-ku, Tokyo, Japan Citizenship Japanese 



Post Office Address c/o NIPPON COLUMBIA CO., LTD., 14-14, Akasaka 4-chome, 
Minato-ku, Tokyo 107-8011 Japan 

Full name of ninth inventor (given name, family name) Toshiaki HIQKI 



Inventor's Signature — Date 



Residence Oqaki-shi, Gifu, Japan Citizenship Japanese 

Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Kexhanhondori 2-chome, Moriguchi-shi, Osaka 570-8677 Japan 

Full name of tenth inventor (given name, family name) Miwa KANAMORI 



Inventor's Signature Date 

Residence Oqaki-shi, Gifu, Japan Citizenship Japanese 

Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi, Osaka 570-8677 Japan 

Full name of eleventh inventor (given name, family name) Yoshihiro HORI _ — 



Inventor's Signature Date : 

Residence Gifu-shi. Gifu, Japan Citizenship Japanese 

Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi, Osaka 570-8677 Japan 



Full name of twelfth inventor (given name, family name) 

Inventor's Signature Date 

Residence Citizenship 

Post Office Address 



Full name of thirteenth inventor (given name, family name) 

Inventor's Signature Date 

Residence Citizenship 

Post Office Address 



Docket No. P806-69 8-A020231 



Armstrong, Westerman & Hattori, LLP 



Declaration for U.S. Patent Application 
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I believe I am the original, first and sole inventor (if only one name is listed below) or an original, first and joint inventor (if plural 
names are listed below) of the subject matter which is claimed and for which a patent is sought on the invention entitled 

Data Distribution System as well as Data Supply Device, Terminal Device and 
Recording Device for the Same 



the specification of which is attached hereto unless the following is checked 
_ August 25, 

tH] was filed on 2000 as PCT International Application Number PCT/JPOO/05770 and was amended on 

April 19, 2001, (if applicable). 

August 15 f 2001 and November 1, 2001 

was filed on February 2? r as United States Application Number 10/069, 112 ^ was amended on 
February 2 ^ 200? (if applicable). 



I hereby state that I have reviewed and understand the contents of the above-identified specification, including the claim(s), as 
amended by any amendment referred to above. 

I acknowledge the duty to disclose information which is material to patentability as defined in Title 37, Code of Federal 
Regulations, § 1 .56. 

I hereby claim foreign priority benefits under Title 35, United States Code, § 1 19 (a) - (d) of any foreign applications) for patent or 
inventor's certificate listed below and have also identified below any foreign application for patent or inventor's certificate having 
a filing date before that of the application for which priority is claimed. 



Priority Claimed 



(List prior 
foreign 
applications. 
See note A) 



11-241747 Pat. 


Japan 


27 /August/ 1999 


(Number) 
11-345229 Pat. 


(Country) 
Japan 


(Day/Month/Year Filed) 
03 /December/1999 


(Number) 


(Country) 


(Day/Month/Year Filed) 


(Number) 


(Country) 


(Day/Month/Year Filed) 


(Number) 


(Country) 


(Day/Month/Year Filed) 



Yes 



x Yes 



Yes 



Yes 



No 



No 



No 



No 



(See note B) _ See attached list for additional prior foreign applications 

I hereby claim the benefit under Tide 35, United States Code, § 120 of any United States application(s) listed below and, insofar as 
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willful false statements my jeopardize the validity of the application or any patent issued thereon. 
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I hereby claim the benefit under Title 35, United States Code, § 120 of any United States application(s) listed below and, insofar as 
the subject matter of each of the claims of this application is not disclosed in the prior United States application in the manner 
provided by the first paragraph of Title 35, United States Code, § 1 12, 1 acknowledge the duty to disclose information which is 
material to patentability as defined in Title 37, Code of Federal Regulations, § 1.56 which became available between the filing date 
of the prior application and the nationl or PCT international riling date of this application. 

Status 

Patented < Pending Abandoned 

Patented Pending Abandoned 

Patented Pending Abandoned 

Patented Pending Abandoned 



(List prior U.S. 
Applications) 



(Application Serial No.) 



(Application Serial No.) 



(Application Serial No.) 



(Filing Date) 



(Filing Date) 



(Filing Date) 



(Application Serial No.) 



(Filing Date) 
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I hereby 'appoint the following attorney(s) and/or agent(s) to prosecute this application and to transact a^l business in the Patent 
and Trademark Office connected therewith: 



23850 

PATENT TRADEMARK OFFICE 

Please direct all communications to the following address: 



23850 

PATENT TRADEMARK OFFICE 

I hereby declare that all statements made herein of my own knowledge are true and that all statements made on information and 
belief are believed to be true; and further that these statements were made with the knowledge that willful false statements and 
the like so made are punishable by fine or imprisonment, or both, under Title 18 of the United States Code, § 1001 and that such 
willful false statements my jeopardize the validity of the application or any patent issued thereon. 

(See note C) Full name of sole or first inventor (given name, family name) Masayuki HATANAKA 



Inventor's Signature Date 

Residence Kawasaki-shi, Kanaqawa, Japan Citizenship Japanese 



Post Office Address c /o FUJITSU LIMITED, 1-1 , Kamikodanaka 4-chorne, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 

Full name of second inventor (given name, family name) j un KAMADA 



Inventor's Signature — — — — Date 

Residence Kawasaki-shi , Kanaqawa , Japan Citizenship Japanese 



Post Office Address c/o FUJITSU LIMITED, 1-1 , Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 

Full name of third inventor (given name, family name) Takahisa HATAKEYAMA 

Inventor's Signature Date 



Residence Kawasaki-shi, Kanaqawa, Japan Citizenship Japanese 



Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 

Full name of fourth inventor (given name, family name) Takayuki HASEBE 



Inventors Signature Date 

Residence Kawasaki-shi , Kanaqawa , Japan Citizenship Japanese 



Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 

Full name of fifth inventor (given name, family name) Seiqou KOTANI 



Inventor's Signature Date 

Residence Kawasaki-shi , Kanaqawa , Japan Citizenship Japanese 



Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 

Full name of sixth inventor (given name, family name) Shigeki FURUTA 



Inventor's Signature Date 

Residence Kawasaki-shi, Kanaqawa, Japan Citizenship Japanese 



Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 
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Full name of seventh inventor (given name, family name) Taizou KTNORHTTA 
Inventor's Signature Date 



Residence Kokubunj i-shi , Tokyo, Japan Citizenship Japanese 



Post Office Address c/o Central Research Laboratory, HITACHI, LTD. 

280, Higashikoigakubo 1-chome, Kokubunj i-shi , 
Tokvo 185 -8601 Japan 



r ull name of eighth inventor (given name, family name) £akeaki ANAZAWA__^ 

Inventor's Signature ^Z^^L^i" AJ^^^^^^- Date May 7, 2002 
Residence Minato- ku, Tokvo, Jamn^^ky Citizenship Japanese 



Post Office Address c/o NIPPON COLUMBIA CO., LTD., 14-14, Akasaka 4-chome, 
Minato-ku, Tokyo 107-8011 Japan 

Full name of ninth inventor (given name, family name) Toshiaki HIOKI 



Inventor's Signature Date 

Residence Oqaki-s hi, Gifu, Japan Citizenship Japanese 

Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi , Osaka 570-8677 Japan 

Full name of tenth inventor (given name, family name) Miwa KANAMORI 



Inventor's Signature _ Date 

Residence Oqaki-shi, Gifu, Japan ~ Citizenship Japanese 

Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi, Osaka 570-8677 Japan 

Full name of eleventh inventor (given name, family name) Yoshihiro HORI 



Inventor's Signature Date 

Residence Gifu-shi, Gifu, Japan Citizenship Japanese 

Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi, Osaka 570-8677 Japan 



Full name of twelfth inventor (given name, family name) 

Inventor's Signature Date 

Residence Citizenship 

Post Office Address 



Full name of thirteenth inventor (given name, family name) 

Inventor's Signature _ 

Residence 



Post Office Address 



Citizenship 



Date 
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Docket No. P806-698^A020231 Armstrong, Westerman & Hattori, LLP 

Declaration for U.S. Patent Application 

As a below named inventor, I hereby declare that: 

My residence, post office address and citizenship are as stated below next to my name. 

I believe I am the original, first and sole inventor (if only one name is listed below) or an original, first and joint inventor (if plural 
names are listed below) of the subject matter which is claimed and for which a patent is sought on the invention entitled 

Data Distribution System as well as Data Supply Device, Terminal Device and 
Recording Device for the Same 

the specification of which is attached hereto unless the following is checked 
August 25, 

was filed on 2000 as PCT International Application Number PCT/ JP00 /Q5770 and was amended on 

April 19, 2001, (if applicable). 

August 15, 2001 and November 1, 2001 

^ was tiled on February 27. as United States Application Number 10/069,112 and was amended on 
Ffrhn-iary 2 ^ 200? (if applicable). 



I hereby state that I have reviewed and understand the contents of the above-identified specification, including the claim(s), as 
amended by any amendment referred to above. 



I acknowledge the duty to disclose information which is material to patentability as defined in Title 37, Code of Federal 
Regulations, § 1.56. 

I hereby claim foreign priority benefits under Title 35, United States Code, § 1 19 (a) - (d) of any foreign applications) for patent or 
inventor's certificate listed below and have also identified below any foreign application for patent or inventor's certificate having 
a filing date before that of the application for which priority is claimed. 



Priority Claimed 



(List prior 
foreign 
applications. 
See note A) 



11-241747 Pat. 


Japan 


27/Auqust/199q 




Yes 


No 


(Number) 


(Country) 


(Day/Month/Year Filed) 








11-345229 Pat. 


Japan 


03 /December/ 1999 


X 


Yes 


No 


(Number) 


(Country) 


(Day/Month/Year Filed) 




Yes 


No 


(Number) 


(Country) 


(Day/Month/Year Filed) 




Yes 


No 


(Number) 


(Country) 


(Day/Month/Year Filed) 









(See note B) See attached list for additional prior foreign applications 

I hereby claim the benefit under Title 35, United States Code, § 120 of any United States application(s) listed below and, insofar as 
the subject matter of each of the claims of this application is not disclosed in the prior United States application in the manner 
provided by the first paragraph of Title 35, United States Code, § 1 12, 1 acknowledge the duty to disclose information which is 
material to patentability as defined in Title 37, Code of Federal Regulations, § 1.56 which became available between the filing date 
of the prior application and the nationl or PCT international filing date of this application. 

Status 



(List prior U.S. 
Applications) 



(Application Serial No.) 


(Filing Date) 


(Application Serial No.) 


(Filing Date) 


(Application Serial No.) 


(Filing Date) 



(Application Serial No.) 



r Patented Pending Abandoned 

Patented _ Pending Abandoned 

Patented Pending Abandoned 

Patented Pending Abandoned 



(Filing Date) 
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I hereby 'appoint the following attorney(s) and/or agent(s) to prosecute this application and to transact ajl business in the Patent 
and Trademark Office connected therewith: 




23850 

PATENT TRADEMARK OFFICE 

Please direct all communications to the following address: 




23850 

PATENT TRADEMARK OFFICE 

I hereby declare that all statements made herein of my own knowledge are true and that all statements made on information and 
belief are believed to be true; and further that these statements were made with the knowledge that willful false statements and 
the like so made are punishable by fine or imprisonment, or both, under Title 18 of the United States Code, § 1001 and that such 
willful false statements my jeopardize the validity of the application or any patent issued thereon. 

(See note C) Full name of sole or first inventor (given name, family name) Masayuki HATANAKA 

Inventor's Signature Date 

Residence Kawasaki-shi , Kanaqawa , Japan Citizenship Japanese 

Post Office Address c /o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi , Kanagawa 211-8588 Japan 



Full name of second inventor (given name, family name) Jun KAMADA 

Inventor's Signature Date 

Residence Kawasaki-shi , Kanaqawa , Japan Citizenship Japanese 

Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 



Full name of third inventor (given name, family name) Takahisa HATAKEYAMA 

Inventor's Signature *> ate 

Residence Kawasaki-shi , Kanaqawa , Japan Citizenship Japanese 

Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 



Full name of fourth inventor (given name, family name) Takayuki HASEBE 

Inventor's Signature ^ ate 

Residence Kawasaki-shi , Kanaqawa , Japan Citizenship Japanese 

Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 



Full name of fifth inventor (given name, family name) Seiqou KQTANI 

Inventor's Signature — Date 

Residence Kawasaki-shi , Kanaqawa , Japan Citizenship Japanese 

Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 



Full name of sixth inventor (given name; family name) Shigeki FURUTA 

Inventor's Signature Date 

Residence Kawasaki-shi, Kanaqawa, Japan Citizenship Japanese 

Post Office Address c/o FUJITSU LIMITED, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588 Japan 
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Full name of seventh mventor (given name, family name) Taizou KINOSHITA 
Inventor's Signature Date 



Residence Kokubunj i-shi , Tokyo, Japan Citizenship Japanese 



Post Office Address c/o Central Research Laboratory, HITACHI, LTD., 
280, Higashikoigakubo 1-chome, Kokubunj i-shi, 
Tokyo 185-8601 Jap an 



Full name of eighth inventor (given name, family name) Takeaki ANAZAWA 
Inventor's Signature Date 



Residence Minato-ku, Tokyo, Japan Citizenship Japanese 



Post Office Address c/o NIPPON COLUMBIA CO., LTD., 14-14, Akasaka 4-chome, 
Minato-ku, Tokyo 107-8011 Japan 

Cj'^ZU Full naine of ninm inventor (given name, fainily name) Toshiaki HIOKI 



Inventor's Signature y^^U^J^ Date /X pY % — ^ ^ 



Residence Ocraki-shi, Gifu, Japan 'TfPX Citizenship Japanese 
Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 



Keihanhondori 2-chome, Moriguchi-shi , Osaka 570-8677 Japan 



Full name of tenth inventor (given name, family name) Miwa KAN AMOR I 



Inventor's Signature A^f t ^(X <^6^ia^nicr2/, Date /-^?f^ - ^ ^ 



Residence O qaki-shi, Gifu, Japan tTff^ Citizenship Japanese 

Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi, Osaka 570-8677 Japan 

| Full name of eleventh inventor (given name, family name) Yoshihiro jaO&L^ 

Inventor's Signature / C)/6^J Date X^/P^- ^irv 2- 

Residence Gifu-shJL,, Gifu, Japan Vilffy Citizenship Japanese 



Post Office Address c/o SANYO ELECTRIC CO., LTD., 5-5, 

Keihanhondori 2-chome, Moriguchi-shi, Osaka 570-8677 Japan 

Full name of twelfth inventor (given name, family name) 

Inventor's Signature Date 

Residence Citizenship 

Post Office Address 



Full name of thirteenth inventor (given name, family name) 

Inventor's Signature 

Residence 



Post Office Address 



Date 

Citizenship 



Docket No. P806-69 8-A020231 Armstrong, Westerman & Hattori, LLP 

Declaration for U.S. Patent Application 



As a below named inventor, I hereby declare that: 



My residence, post office address and citizenship are as stated below next to my name. 

I believe I am the original, first and sole inventor (if only one name is listed below) or an original, first and joint inventor (if plural 
names are listed below) of the subject matter which is claimed and for which a patent is sought on the invention entitled 

Data Distribution System as well as Data Supply Device, Terminal Device and 
Recording Device for the Same 



the specification of which is attached hereto unless the following is checked 
August 25, 

[gj was filed on 2000 as PCT International Application Number PCT/JPOQ/0 57 70 and was amended on 

April 19, 2001, (if applicable). 
August 15, 2001 and November 1, 2001 

g] was filed on February 27 , as United States Application Number 10/069, 112 was amended on 

F^hniary 2( ffi; 2002 (if applicable). 



I hereby state that I have reviewed and understand the contents of the above-identified specification, including the claim(s), as 
amended by any amendment referred to above. 



I acknowledge the duty to disclose information which is material to patentability as defined in Title 37, Code of Federal 
Regulations, § 1 .56. 

I hereby claim foreign priority benefits under Title 35, United States Code, § 1 19 (a) - (d) of any foreign applications) for patent or 
inventor's certificate listed below and have also identified below any foreign application for patent or inventor's certificate having 
a filing date before that of the application for which priority is claimed. 



Priority Claimed 



(List prior 
foreign 
applications. 
See note A) 



11-241747 Pat. 


Japan 


27 /August /1999 




Yes 


No 


(Number) 


(Country) 


(Day/Month/Year Filed) 








11-345229 Pat. 


Japan 


03 /December/ 1999 


X 


Yes 


No 


(Number) 


(Country) 


(Day/Month/Year Filed) 




Yes 


No 


(Number) 


(Country) 


(Day/Month/Year Filed) 




Yes 


No 


(Number) 


(Country) 


(Day/Month/Year Filed) 









(See note B) 



See attached list for additional prior foreign applications 



I hereby claim the benefit under Tide 35, United States Code, § 120 of any United States application(s) listed below and, insofar as 
the subject matter of each of the claims of this application is not disclosed in the prior United States application in the manner 
provided by the first paragraph of Title 35, United States Code, § 1 12, 1 acknowledge the duty to disclose information which is 
material to patentability as defined in Title 37, Code of Federal Regulations, § 1 .56 which became available between the filing date 
of the prior application and the nationl or PCT international filing date of this application. 

Status 



(List prior U.S. 
Applications) 



(Application Serial No.) 


(Filing Date) 




(Application Serial No.) 


(Filing Date) 




(Application Serial No.) 


(Filing Date) 




(Application Serial No.) 


(Filing Date) 





Patented Pending _____ Abandoned 

Patented Pending Abandoned 

Patented Pending Abandoned 

Patented __ Pending Abandoned 



